www.orientaldaily.com.my Open in urlscan Pro
124.217.235.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Submission: On May 03 via manual (May 3rd 2021, 10:09:02 am UTC) from SG

Summary HTTP 175 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 50 IPs in 6 countries across 29 domains to perform 175 HTTP transactions. The main IP is 124.217.235.42, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.orientaldaily.com.my.
TLS certificate: Issued by R3 on March 17th 2021. Valid for: 3 months.

This is the only time www.orientaldaily.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15 19	124.217.235.42 124.217.235.42	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
17	89.187.169.15 89.187.169.15	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2010	15169 (GOOGLE) (GOOGLE)
1 3	13.224.106.70 13.224.106.70	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	54.225.157.230 54.225.157.230	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2.21.242.228 2.21.242.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
7	23.79.150.67 23.79.150.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	192.229.233.139 192.229.233.139	15133 (EDGECAST) (EDGECAST)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	99.86.2.119 99.86.2.119	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
4 7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:710... 2a02:26f0:7100::1720:eeb8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	3.229.28.141 3.229.28.141	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
175	50

19 124.217.235.42 (Malaysia) 15 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)

www.orientaldaily.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com

media5.orientaldaily.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.106.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-70.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.157.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-157-230.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.242.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-242-228.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.79.150.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-150-67.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.233.139 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

my.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.2.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-119.fra6.r.cloudfront.net

adunit.datawrkz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.165 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:eeb8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.28.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-28-141.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	365 KB
36	orientaldaily.com.my 15 redirects www.orientaldaily.com.my media5.orientaldaily.com.my	777 KB
25	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	196 KB
13	googleapis.com fonts.googleapis.com storage.googleapis.com ajax.googleapis.com	130 KB
11	popin.cc api.popin.cc my.popin.cc log.popin.cc r.popin.cc inrecsys.popin.cc	104 KB
7	googletagservices.com www.googletagservices.com	224 KB
6	google.com 2 redirects adservice.google.com www.google.com	308 B
6	addthis.com s7.addthis.com api-public.addthis.com	194 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900016.redintelligence.net	9 KB
5	2mdn.net s0.2mdn.net	107 KB
5	ampproject.org cdn.ampproject.org	108 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	facebook.com www.facebook.com	480 B
3	openx.net 2 redirects us-u.openx.net	829 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	facebook.net connect.facebook.net	169 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	datawrkz.com adunit.datawrkz.com	23 KB
2	google.de adservice.google.de www.google.de	272 B
2	izooto.com cdn.izooto.com	41 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	contentspread.net cdn.contentspread.net	52 KB
1	treasuredata.com in.treasuredata.com	515 B
1	createjs.com code.createjs.com	63 KB
1	addthisedge.com v1.addthisedge.com	806 B
1	moatads.com z.moatads.com	1 KB
1	sascdn.com ced.sascdn.com	11 KB
1	ipify.org api.ipify.org	230 B
175	29

	Domain	Requested by
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.orientaldaily.com.my 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net tpc.googlesyndication.com
19	www.orientaldaily.com.my	15 redirects www.orientaldaily.com.my
17	media5.orientaldaily.com.my	www.orientaldaily.com.my media5.orientaldaily.com.my
15	pagead2.googlesyndication.com	5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.orientaldaily.com.my www.googletagservices.com securepubads.g.doubleclick.net
11	storage.googleapis.com	www.orientaldaily.com.my storage.googleapis.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.orientaldaily.com.my 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com www.orientaldaily.com.my
7	www.googletagservices.com	www.orientaldaily.com.my securepubads.g.doubleclick.net 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
5	s0.2mdn.net	www.orientaldaily.com.my s0.2mdn.net 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	2 redirects www.orientaldaily.com.my 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
5	5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	s7.addthis.com	www.googletagmanager.com s7.addthis.com
4	hal900016.redintelligence.net	1 redirects 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com hal900016.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.facebook.com	www.orientaldaily.com.my connect.facebook.net
3	r.popin.cc	www.orientaldaily.com.my
3	log.popin.cc	www.orientaldaily.com.my
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	connect.facebook.net	www.orientaldaily.com.my connect.facebook.net
3	api.popin.cc	www.orientaldaily.com.my api.popin.cc
3	sb.scorecardresearch.com	1 redirects www.orientaldaily.com.my
2	googleads4.g.doubleclick.net	www.orientaldaily.com.my
2	adunit.datawrkz.com	securepubads.g.doubleclick.net adunit.datawrkz.com
2	cdn.izooto.com	www.googletagmanager.com cdn.izooto.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.orientaldaily.com.my
1	ade.googlesyndication.com
1	cdn.contentspread.net	hal900016.redintelligence.net
1	inrecsys.popin.cc	www.orientaldaily.com.my
1	in.treasuredata.com	api.popin.cc
1	code.createjs.com	s0.2mdn.net
1	hal9000.redintelligence.net	5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
1	api-public.addthis.com	s7.addthis.com
1	my.popin.cc	api.popin.cc
1	v1.addthisedge.com	s7.addthis.com
1	www.google.de	www.orientaldaily.com.my
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ced.sascdn.com	storage.googleapis.com
1	ajax.googleapis.com	storage.googleapis.com
1	api.ipify.org	storage.googleapis.com
1	fonts.googleapis.com	media5.orientaldaily.com.my
175	47

This site contains links to these domains. Also see Links.

Domain
ufood.orientaldaily.com.my
lvlup.datawrkz.com
odn.my
traffic.popin.cc
play.google.com
apps.apple.com
appgallery.huawei.com
www.facebook.com
twitter.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
orientaldaily.com.my R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
media5.orientaldaily.com.my R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
api.popin.cc DigiCert TLS RSA SHA256 2020 CA1	`2021-03-25` - `2022-03-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
*.datawrkz.com Go Daddy Secure Certificate Authority - G2	`2020-05-31` - `2021-07-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.treasuredata.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Frame ID: 4BB46FE6648E4F292D5D9A0ADB8C25EB
Requests: 85 HTTP requests in this frame

Frame: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACB2A2E80C13EB0D2BBF856AFA3DB8E4
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyB6wiqp8jm4xo6UqAFP0-VoEiibfaP_bQ5BkfOk4VlTxw3TXm0El10ZWEeN4u7PlTIrQP5cvi-Wd6-SmsAVBGk3O4FGpE-xf_RG5XuiZAuknBgkzmo86i1ubC3a0hfonrDkI3oTD47xaRBEjbTt9SNdOYTk9dbclp_1UeTk0lKyn0xCyvwUGm9GkWdfr7JdxkAgA_zYoR95hk8YSM4DJVCSiO2JZGldBry0dNazynrhR0VW9HRBnXL8v4MPkUMvzSgkyJxeTSxbWfPf0oh1fDdf8tsb_z-xCBTTpc5OxqAQoC7i0RqwXbJE62dnwciVGblMR66DbT5Ka5GQIF8A&sai=AMfl-YTP9FJGv-DvVgoeDWWcF4T9XM8wffAv8I74Kc7jn4gRKCSNAgN2YBISmm0NX3zP2VnZu_Go0OoC6Q0JSGSAprYzGArguBzrdTmV3PMYzOAm2gGIBqe4DOz45Vps4pQ5&sig=Cg0ArKJSzJrTyg-8AzxAEAE&urlfix=1&adurl=
Frame ID: 00DD0E5235B93EDB3F7CD6DBAE51F9E2
Requests: 6 HTTP requests in this frame

Frame: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 857EE465CB9B8A2C7A44482BD1F0FE30
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: B512F95BAC351B77631DE8E500EAC545
Requests: 16 HTTP requests in this frame

Frame: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6B8ED53AEA339D7D425A8A7AE78E72A0
Requests: 8 HTTP requests in this frame

Frame: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D4E849E6C481355C8F53A4BFD06956AC
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig
Frame ID: 4222474893CF936E7ABFCD61A2978872
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html
Frame ID: D53DEA4C8E9BB0EA34DF1DE02B830490
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW4_bB8kHOqXKB0lai_7r1u65gIXH3b5ssk6fg9SBPYMbOgf3OD_wOtXHAGHsLKG6ZhWN4FNBhVx7_56Ldty3Gej_xPPiDEGSsHsyO55DPoK0FPX7P4z-LIPpVqsrDUtf3uVMDLLW-5SACsvt22-MQIkGN0PmwJF2kfaRncJwhtHRo0LC1i6VxGHssBEKIQP7f1HRBaUKlOj4c2BZevuypN5WAJZQ
Frame ID: 80AFF8A9C4EB8B3939E53E3B78E8500E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C3741125E9DDBD1043399341F5FC8EBD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E7E91EE11D9E022FE59C5199D440B84
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8264868/1619111140812/index.html
Frame ID: FE2B2AF0910DC1163CC87B21A815EFF7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B2495A7B7C247342F1DCF40F93AB49C2
Requests: 3 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=58928600088045800710584011583016&a=59a47c83
Frame ID: 4A38EF4D2A1CB74EFEC2E71B725DF396
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5799E05697181CE7A3B805E5A43B38C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

175
Requests

99 %
HTTPS

51 %
IPv6

29
Domains

47
Subdomains

50
IPs

6
Countries

2664 kB
Transfer

6052 kB
Size

13
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://ufood.orientaldaily.com.my/
Title: U玩食

Search URL Search Domain Scan URL

URL: http://lvlup.datawrkz.com/

Search URL Search Domain Scan URL

URL: https://odn.my/ios
Title: https://odn.my/ios

Search URL Search Domain Scan URL

URL: https://odn.my/android
Title: https://odn.my/android

Search URL Search Domain Scan URL

URL: https://odn.my/appgallery
Title: https://odn.my/appgallery

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F26%2F407740

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F26%2F407584

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F05%2F02%2F408863

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F27%2F407784

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.my.orientaldailynews
Title: 安卓APP

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/oriental-daily-%E4%B8%9C%E6%96%B9%E6%97%A5%E6%8A%A5-%E9%A9%AC%E6%9D%A5%E8%A5%BF%E4%BA%9A%E7%83%AD%E7%82%B9%E6%96%B0%E9%97%BB/id1550134045
Title: 苹果APP

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C103900095
Title: 华为APP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OrientalDailyNewsMalaysia/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/odnmalaysia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orientaldailynews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://t.me/orientaldailynewsmalaysia
Title: Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101 HTTP 301
https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101

Request Chain 2

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg

Request Chain 3

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg

Request Chain 4

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg

Request Chain 5

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg

Request Chain 6

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png

Request Chain 7

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg

Request Chain 8

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg

Request Chain 9

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg

Request Chain 10

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg

Request Chain 11

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg

Request Chain 12

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg

Request Chain 13

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg

Request Chain 14

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg

Request Chain 15

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg

Request Chain 43

https://sb.scorecardresearch.com/b?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0%20%7C%20%E5%9B%BD%E9%99%85%20%7C%20%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0%20%7C%20%E5%9B%BD%E9%99%85%20%7C%20%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&c9=

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YI-LqzklRyuIjMAY1Gu8dAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF12vHG9s1lVQaU-oXF8LWM&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEzMTczNTEzNDQ3MDEwMzU4OQ%3D%3D

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENbUOdVP1vYwPB3GUfNXVNI&google_cver=1

Request Chain 135

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTM3NTY5OTgtZDE2OS0yMzlmLWM1Y2ItZjc2ZDAyNjA3MmVh

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 164

https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=5999300267218&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=5999300267218&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

175 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 408221 Show response
www.orientaldaily.com.my/news/international/2021/04/29/ 56 KB
13 KB 671ms
328ms Document
text/html 124.217.235.42
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.42 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: aa2e6b46f0c311645b835706dddf4acbfdad41baedcceae50b5b1eb214ea3116

Request headers

Host: www.orientaldaily.com.my
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.19.0
Date: Mon, 03 May 2021 10:08:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Cache-Control: public
Vary: Accept-Encoding
X-Varnish: 170296038
Age: 0
Via: 1.1 varnish (Varnish/6.4)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range

GET
H2

200

app.css
media5.orientaldaily.com.my/assets/css/
Redirect Chain

https://www.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101

162 KB
31 KB

60ms
14ms

Stylesheet
text/css

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 44f032aa3c709a45314d8120f8fb9aea09a3b073ce89ece98a63a9f3f25eb78b

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 601
age: 6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-05-03 10:26:07
cdn-pullzone: 33990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
access-control-allow-origin: *
last-modified: Mon, 03 May 2021 08:25:27 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 200
vary: Accept-Encoding
x-varnish: 131048022 105416831
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 5f2e5a8a3ce040ff382ee41a9011483c
cdn-requestcountrycode: DE
content-type: text/css
link: <https://boron.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:41 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fa2966ebd97eebcb62216619377bb0c7651c795a35ad9ea504e5d49283a932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "860 / 327 of 1000 / last-modified: 1620034722"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21179
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:41 GMT

GET
H2

200

94ac4d24390940e03a4ca93093f453ce.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg

102 KB
103 KB

10ms
10ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: ec87c560abae0dbc56a4b0aead069c4118f6a5aaf25e0690fc56cbf3d9431259

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-04-29 02:32:53
cdn-pullzone: 33990
content-length: 104543
last-modified: Thu, 29 Apr 2021 00:29:07 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 425372736
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 835b3bd27daa267ad7956e738b715707
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/APR_2021/20210429/hondaaaaaaa.jpg/94ac4d24390940e03a4ca93093f453ce.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

e9811be24fd5113531554036925d42e3.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg

20 KB
20 KB

21ms
20ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: d4939f13d80713dd95b6f041adf16f9e5bd0315434a5e38c88af0a47a3d2e9e7

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 722
age: 111
cdn-cachedat: 2021-05-03 09:19:58
cdn-pullzone: 33990
content-length: 20312
last-modified: Mon, 03 May 2021 07:18:04 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 140231741 139184408
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: ff998e88222a29e38cce6695cfe58387
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/ybb001.jpg/e9811be24fd5113531554036925d42e3.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

b3eeb8cb38ba85c7372ae58633e8bd77.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg

31 KB
31 KB

20ms
20ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 82dfe7b5086b42f0ecc780ca27f6e469ccbddbef6e512957330fc9f4f950bd9f

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 565
age: 40
cdn-cachedat: 2021-05-03 07:55:49
cdn-pullzone: 33990
content-length: 31520
last-modified: Mon, 03 May 2021 05:51:47 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 73541141 139726128
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 8e0c2ab3096644143cd359854e268417
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6e21bb6c-ae24-4d19-a198-7133360d66dd.jpg/b3eeb8cb38ba85c7372ae58633e8bd77.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ca33d99e44b2556c8e32c5b65b0d1c68.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg

12 KB
13 KB

32ms
32ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: cfdca3831bee52368f7306ef29ddc2b33943de457613b9a8dba4a43ac5a4fc38

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 601
age: 103
cdn-cachedat: 2021-05-03 09:44:57
cdn-pullzone: 33990
content-length: 12507
last-modified: Mon, 03 May 2021 07:41:23 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 120981455 133682737
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: fb188e621c40d49bb662284e0b77a435
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/lim.jpg/ca33d99e44b2556c8e32c5b65b0d1c68.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

65511aa852e17c834f54e878697b4f4f.png
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png

124 KB
124 KB

13ms
13ms

Image
image/png

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 507f72c7f7c2b51b84cb031054bfc6c9ad5a7b3aab7cd06cd8642ae7d6ad6645

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-05-03 11:00:02
cdn-pullzone: 33990
content-length: 126546
last-modified: Mon, 03 May 2021 08:50:35 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 145428318
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 382170ca10cc8bf87027d3f1d167756f
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/png
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/dd12.png/65511aa852e17c834f54e878697b4f4f.png
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ad5e5ad40a567323c5dd031ee9e8b26d.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg

21 KB
21 KB

19ms
19ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 09013f19c87a2786ab7fe942528f56550f27f53380f417cb840f3a7f4e6d6f10

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 722
age: 0
cdn-cachedat: 2021-05-03 09:19:58
cdn-pullzone: 33990
content-length: 21368
last-modified: Mon, 03 May 2021 07:15:26 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 140231743
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 6c837dc2ae2f93c7f81983bffbf4ddc2
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/89879879879.jpg/ad5e5ad40a567323c5dd031ee9e8b26d.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1fe2474edc2a27001732433c6ac1723d.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg

17 KB
17 KB

9ms
8ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 9625617d06d9b78c71f4225907f1e4e955cbaf116be755e2069cb34376c7b87c

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-05-03 09:22:58
cdn-pullzone: 33990
content-length: 16955
last-modified: Mon, 03 May 2021 07:11:42 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 115527178
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 648686ca9677efc293c878ca332b8059
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/6d2db9fe-a215-4433-9c24-67a5332f15f3.jpg/1fe2474edc2a27001732433c6ac1723d.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

035cddb49d647299e7cc9a727f9d0bd7.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg

34 KB
35 KB

35ms
35ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 32dfc505c7c5621d0e04b4950e7b82bacf3c936944f07f1bbfd96904553c166a

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 632
age: 11
cdn-cachedat: 2021-05-03 11:18:18
cdn-pullzone: 33990
content-length: 34904
last-modified: Mon, 03 May 2021 09:18:03 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 186682827 174985829
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 94ea45913c04ddbdda4dd22865b09659
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/0f198d98-4f9a-47c8-8700-5ec6f9128a39.jpg/035cddb49d647299e7cc9a727f9d0bd7.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

36053da7a8027773ae76083e0bb7d588.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg

15 KB
16 KB

11ms
11ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 0344bd4ae65a01aff8febf8ee046d804fbb54091bd3151f0a71dd0843488c5a7

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 723
age: 22
cdn-cachedat: 2021-05-03 11:25:50
cdn-pullzone: 33990
content-length: 15837
last-modified: Mon, 03 May 2021 09:25:27 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 174391921 150049316
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: d3c320b372d10d4ecb9c9e3263d756f3
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/klia_flight_delay_240819f.jpg/36053da7a8027773ae76083e0bb7d588.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

3ef08ca8d8a4c1450cbff3ac50386e5b.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg

21 KB
22 KB

29ms
28ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 9cc2ac74d04cbeb4ff79406214a678fb052c5d29b8dccab1d41a5a6c8dbdb15b

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 601
age: 9
cdn-cachedat: 2021-05-03 11:17:00
cdn-pullzone: 33990
content-length: 21764
last-modified: Mon, 03 May 2021 09:09:15 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 174985335 171477002
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 050b7129aecfc0aa22f079c691bda08b
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/7c84ef51-bd23-4dd8-b344-f4ef7d503a54.jpg/3ef08ca8d8a4c1450cbff3ac50386e5b.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

802412e1671bdefda9ee0d7c3f09f0a7.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg

23 KB
23 KB

9ms
8ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 5e51705eef4fd6c25448de6f68426684465318f94e90e1c35cec76e78b8b4144

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 723
age: 0
cdn-cachedat: 2021-05-02 04:39:20
cdn-pullzone: 33990
content-length: 23123
last-modified: Sun, 02 May 2021 02:34:04 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 1003620371
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 66602a3d95a896a2cd73c87bbbcd0116
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/f3a254a312febf613c9586d012648ded-696x464.jpg/802412e1671bdefda9ee0d7c3f09f0a7.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

2db1e286a80bb33c8afb38ba75e54106.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg

15 KB
16 KB

23ms
23ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: e942b29454175d0d1586a54c8c6aea225fdacc869c6638461fa4e60388110382

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 601
age: 69
cdn-cachedat: 2021-05-02 09:18:32
cdn-pullzone: 33990
content-length: 15311
last-modified: Sun, 02 May 2021 07:15:04 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 1064308911 1072667742
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: b489424a952d87205319afe0427e7691
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210502/705ed999-523a-4e83-9581-adcc46540e94.jpg/2db1e286a80bb33c8afb38ba75e54106.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

a92bc335e137971c5521ec53035e3dd0.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg

15 KB
16 KB

13ms
12ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 79e679273ccb9274570af9420603e1c4e23df95b0d88a3fb4bf846cbe6d082e1

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 722
age: 6
cdn-cachedat: 2021-05-03 03:58:31
cdn-pullzone: 33990
content-length: 15669
last-modified: Mon, 03 May 2021 01:54:44 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 101785239 117874014
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 8eda25b8e09579b212fcd08a98c73524
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210503/641_(1).jpg/a92bc335e137971c5521ec53035e3dd0.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

88e473196ed008a6428a20a8c81a515e.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg

31 KB
31 KB

11ms
11ms

Image
image/jpeg

89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 631cc9501cbf5fec658b6dcd2880928472002eeec028e12d0fa6e37a97de2c05

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 632
age: 109
cdn-cachedat: 2021-05-01 15:15:23
cdn-pullzone: 33990
content-length: 31644
last-modified: Sat, 01 May 2021 13:13:29 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 981798411 917586627
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: d7f5f53475e9f9f4785672ed41c96756
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/jpeg
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg>; rel="canonical"
cdn-requestpullsuccess: True

Redirect headers

Date: Mon, 03 May 2021 10:08:42 GMT
Server: nginx/1.19.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2021/MAY_2021/20210501/fxx.jpg/88e473196ed008a6428a20a8c81a515e.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK manifest.js Show response
www.orientaldaily.com.my/assets/js/ 1 KB
2 KB 316ms
169ms Script
application/javascript 124.217.235.42
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/manifest.js?id=227795a4cf81cedbd601
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.42 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 453d30e6feab35156983d8f88c293ebcc88740572e4aca5ef9cb25d5ca7f3262

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.orientaldaily.com.my
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Connection: keep-alive
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:41 GMT
Via: 1.1 varnish (Varnish/6.4)
Age: 9
Connection: keep-alive
Content-Length: 1450
Last-Modified: Mon, 03 May 2021 08:25:27 GMT
Server: nginx/1.19.0
ETag: "608fb377-5aa"
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Varnish: 185434692 163290925
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK vendor.js Show response
www.orientaldaily.com.my/assets/js/ 205 KB
206 KB 272ms
168ms Script
application/javascript 124.217.235.42
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/vendor.js?id=55e20089987d5a7e89ad
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.42 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 4785f439c8c88370dbc1999303d5f4f0a310d1997a5893ae94798b568e99675b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.orientaldaily.com.my
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Connection: keep-alive
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:41 GMT
Via: 1.1 varnish (Varnish/6.4)
Age: 9
Connection: keep-alive
Content-Length: 209922
Last-Modified: Mon, 03 May 2021 08:25:27 GMT
Server: nginx/1.19.0
ETag: "608fb377-33402"
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Varnish: 182682517 163290928
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK app.js Show response
www.orientaldaily.com.my/assets/js/ 7 KB
7 KB 288ms
184ms Script
application/javascript 124.217.235.42
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/app.js?id=cfff1b8be9d0b7a067ce
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.42 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ad17a7fff176ab184a85e8824ed0da90cf71ea85bc251e647afa228dd36bf107

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.orientaldaily.com.my
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Connection: keep-alive
Referer: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:41 GMT
Via: 1.1 varnish (Varnish/6.4)
Age: 9
Connection: keep-alive
Content-Length: 6701
Last-Modified: Mon, 03 May 2021 08:25:27 GMT
Server: nginx/1.19.0
ETag: "608fb377-1a2d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Varnish: 185139344 186977082
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 css
fonts.googleapis.com/ 2 KB
598 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://media5.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:52:42 GMT
server: ESF
date: Mon, 03 May 2021 10:08:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 10:08:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
38 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c810ad2bf811cede73200ab62010f9c4bd1ed716b95f5eec3e0dd48934ef8fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38324
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 10:08:41 GMT

GET
H2 200 avmLibrary.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 16 KB
17 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:35 GMT
content-encoding
age: 6
x-guploader-uploadid: ABg5-UxrW02kcROI3DkN6HeUGLGN-qeU32VP2X7DgAyOnwRCAXKcJB8Hnc08JGKB-ZZ3FPx1PuD0RliPNTJoTE0LMIVNfXnt_A
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding
content-disposition
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16656
x-goog-meta-
last-modified: Tue, 11 Aug 2020 07:31:10 GMT
server: UploadServer
etag: "9dfc4ebc8c94abdb09c9fb98143eff5e"
x-goog-hash: crc32c=61K1/A==, md5=nfxOvIyUq9sJyfuYFD7/Xg==
content-language
x-goog-generation: 1597131070573686
cache-control: public, max-age=60
x-goog-stored-content-length: 16656
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:09:35 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 123ms
40ms Script
application/javascript 13.224.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-70.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:58:57 GMT
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 5fZc63IYgAu7ya-xiMkoipw8K54OQbDlsRxgRJVBPapJEtgUMVqOtw==

GET
H2 200 logo-official.png
media5.orientaldaily.com.my/assets/images/ 11 KB
12 KB 9ms
9ms Image
image/png 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/assets/images/logo-official.png?d075e3a5eda3d0a9e2fabdca6a33dd05
Requested by: Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: 6136c5d4c2b4254689208e8d07fd300b6b66e57eec737b54e0470bb1805c562e

Request headers

Referer: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-05-02 05:48:47
cdn-pullzone: 33990
content-length: 11771
last-modified: Sat, 04 May 2019 23:02:56 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 937956039
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 92e12fa52f26bf74d5cc7be376f8bead
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: image/png
link: <https://boron.orientaldaily.com.my/assets/images/logo-official.png?d075e3a5eda3d0a9e2fabdca6a33dd05>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fontello.woff2
media5.orientaldaily.com.my/assets/fonts/ 11 KB
12 KB 28ms
12ms Font
application/octet-stream 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.orientaldaily.com.my/assets/fonts/fontello.woff2?3d346d4ca58d8e2177503c2f69b71f8c
Requested by: Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-15.cdn77.com
Software: BunnyCDN-DE1-632 /
Resource Hash: fea25505358a9fb0d38689edd69a01354319a992a2ade513af64420f1a54e231

Request headers

Origin: https://www.orientaldaily.com.my
Referer: https://media5.orientaldaily.com.my/assets/css/app.css?id=b4bdf884f73bdd5e6101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
via: 1.1 varnish (Varnish/6.4)
cdn-edgestorageid: 601
age: 0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-04-30 06:46:45
cdn-pullzone: 33990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 11156
access-control-allow-origin: *
last-modified: Sat, 04 May 2019 23:02:56 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
x-varnish: 586747116
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public
cdn-requestid: 61d3748bcf0e380bfbf6a94b63032ecf
cdn-requestcountrycode: DE
accept-ranges: bytes
content-type: application/octet-stream
link: <https://boron.orientaldaily.com.my/assets/fonts/fontello.woff2?3d346d4ca58d8e2177503c2f69b71f8c>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2021042901.js Show response
securepubads.g.doubleclick.net/gpt/ 298 KB
106 KB 38ms
15ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107611
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:41 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 46 B
230 B 1560ms
1249ms Script
application/javascript 54.225.157.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=adAsiaTM.writeIpData
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.157.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-157-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c60f553404df6f096cf302da643b80df46faa8517c7768065ef7031d2f3f37af

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 46
Vary: Origin
Content-Type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:39:21 GMT
x-content-type-options: nosniff
age: 469760
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 23:39:21 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 32 KB
11 KB 26ms
8ms Script
application/javascript 2.21.242.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.242.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-242-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09aa83c064af132a1fc52fac765671a6ab87ab12c4a7d6577f85c0f391541967

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:41 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=88
Content-Length: 11374
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H3-29 200 atmSticky.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 6 KB
6 KB 20ms
6ms Script
application/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/atmSticky.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:12:34 GMT
age: 3367
x-guploader-uploadid: ABg5-UzC9ow0ApWCo-RuFzy8iLnX8fIo-TClzqIo_YxnBp9CKXm6pkW_DMGZ6qBsc34zgdYra-1fM26FfaHAAIwQ0I7gYtWWYg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
last-modified: Fri, 24 Aug 2018 08:30:39 GMT
server: UploadServer
etag: "0f158b74b82b73279189624ff4bee981"
x-goog-hash: crc32c=HUYPNw==, md5=DxWLdLgrcyeRiWJP9L7pgQ==
x-goog-generation: 1535099439593447
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6232
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 03 May 2022 09:12:34 GMT

GET
H3-29 200 domain.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 11 KB
11 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/domain.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:55:21 GMT
age: 800
x-guploader-uploadid: ABg5-UzjC3zlnLiQFNF5zQ8GMh3StIBiXqlG32FGeiZWbvUmLcbUcDzCwsN0OHrpiNUGO5Ov24FZ6pj-kBf1Os3ZLh7WQTjjew
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11525
last-modified: Tue, 27 Oct 2020 09:28:39 GMT
server: UploadServer
etag: "9ea740f3ffa53339fa0a55540ed53fd8"
x-goog-hash: crc32c=IZZ5fQ==, md5=nqdA8/+lMzn6ClVUDtU/2A==
x-goog-generation: 1603790919481748
cache-control: public, max-age=3600
x-goog-stored-content-length: 11525
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:55:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2326
date: Mon, 03 May 2021 09:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 03 May 2021 11:29:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 25ms
12ms Script
application/javascript 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Mon, 03 May 2021 10:08:41 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 34ms
19ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067a3bdb8a1f4c31676234c3ab664a69585d9e54bb5047dc7c681087e9a0c03b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Jan 2021 07:23:42 GMT
server: cloudflare
age: 324338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Tue, 11 May 2021 10:08:41 GMT
cf-ray: 6498b085bce105c4-FRA
cf-request-id: 09d34ca797000005c45231d000000001
cf-bgj: minify

GET
H3-29 200 id_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 155 B
182 B 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/id_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6711a28bc6f36eec53ae7ebc12fb3a488a90f104d57dab94fd2e34aa7ce9bf47

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:59:22 GMT
age: 559
x-guploader-uploadid: ABg5-UyKRZf38CQiFFQsisJScBeAJW3cQqe8CWpiMY5_y7nbubQ9qV-wBiI1pFzDpN8j8p0QtO2A6S0Sj5pUwkx6jGTNCYAvlg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155
last-modified: Tue, 20 Aug 2019 03:10:31 GMT
server: UploadServer
etag: "f64874a7c3f098338883ee75f7e42d74"
x-goog-hash: crc32c=CZ7HWg==, md5=9kh0p8PwmDOIg+519+QtdA==
x-goog-generation: 1566270631312195
cache-control: public, max-age=3600
x-goog-stored-content-length: 155
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:59:22 GMT

GET
H3-29 200 kh_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 66 B
93 B 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/kh_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: babe0c548b8e5ec81b26ddb738b4429e82fe3f5dd89fbcbf5440c2dd609a246a

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:22:39 GMT
age: 2762
x-guploader-uploadid: ABg5-UzhtPddPmM3Ud1JBrZOeVRdDdH-DPODkg4yu35ggzsMJXf5T8RDuVHUnnQ8bDVJvOOT_NXMuSFhexaWlY6X0a7EUS-yqA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
last-modified: Thu, 21 Feb 2019 08:49:38 GMT
server: UploadServer
etag: "859acb8182a913304e4478b42bcbb8bc"
x-goog-hash: crc32c=jE+qtw==, md5=hZrLgYKpEzBORHi0K8u4vA==
x-goog-generation: 1550738978074998
cache-control: public, max-age=3600
x-goog-stored-content-length: 66
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:22:39 GMT

GET
H3-29 200 my_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 86 B
120 B 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/my_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fc4ff302f60f50802e076be5127358905f9b2a842edceed9c1225c8a58fe7405

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:18:38 GMT
age: 3003
x-guploader-uploadid: ABg5-Uwa9i8gEca8ToNzmZCylZ-qdiTd3jd-bKJ6xugqYIDEf1-9LL2DLu5lSh4tEBjY0RFZrASi5hhDVglUjiI-9oY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
last-modified: Tue, 20 Aug 2019 03:10:30 GMT
server: UploadServer
etag: "d7540558d232f2d158cc401d7f6d78a9"
x-goog-hash: crc32c=LFTqeA==, md5=11QFWNIy8tFYzEAdf214qQ==
x-goog-generation: 1566270630047673
cache-control: public, max-age=3600
x-goog-stored-content-length: 86
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:18:38 GMT

GET
H3-29 200 ph_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 66 B
99 B 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/ph_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3507f4575f5985393867eaadc7d441763b5e41491153f0d9fa55e1c493aab4da

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:13:59 GMT
age: 3282
x-guploader-uploadid: ABg5-UyK-frz9lPK-46fLPF5h86zfMQabYTkrJ0ABsDQ7fHufnacRoXDIXHI7ruhmd3lY5LvwBekOcw9GBoyqjRcpKERyo2L2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
last-modified: Thu, 21 Feb 2019 08:49:37 GMT
server: UploadServer
etag: "70f97a36f1bdcee05cb8c43b6e8bf7df"
x-goog-hash: crc32c=EcbULQ==, md5=cPl6NvG9zuBcuMQ7bov33w==
x-goog-generation: 1550738977125254
cache-control: public, max-age=3600
x-goog-stored-content-length: 66
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:13:59 GMT

GET
H3-29 200 sg_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 79 B
113 B 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/sg_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 74e43cd9bd0b60b458bb8aa6916e7dcfe18fffb1136a859b515fb9a74230aeec

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:58:21 GMT
age: 620
x-guploader-uploadid: ABg5-UzYbgXzy82eqPrTqNJOltIb1iTgOuPGCV_WBLpma1W2OB7Qhd1psHI1EVLrE1GWqe-VNCwPUYyyJNVnWkIRAD6QFexrcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
last-modified: Tue, 20 Aug 2019 03:10:30 GMT
server: UploadServer
etag: "3f9a632d30534c571888137b52840648"
x-goog-hash: crc32c=MoTjeQ==, md5=P5pjLTBTTFcYiBN7UoQGSA==
x-goog-generation: 1566270630162203
cache-control: public, max-age=3600
x-goog-stored-content-length: 79
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:58:21 GMT

GET
H3-29 200 th_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 305 B
332 B 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/th_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 413cd581ccec1beb6d530b5f73d5e8becd268f818080106714fc1dca2634dce6

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:21:16 GMT
age: 2845
x-guploader-uploadid: ABg5-Uxi4ACzGakZy6L3ukzbP1jNrCqKJGSAFWvCLaGU1ETENy3ksCkLjpltCSd9itxpTIVIjEqmxDx9rDqd1AehI3wusxJT6A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
last-modified: Tue, 20 Aug 2019 03:10:30 GMT
server: UploadServer
etag: "2c807f2c91fbae92542f6b396970e665"
x-goog-hash: crc32c=7PJsiw==, md5=LIB/LJH7rpJUL2s5aXDmZQ==
x-goog-generation: 1566270630220910
cache-control: public, max-age=3600
x-goog-stored-content-length: 305
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:21:16 GMT

GET
H3-29 200 tw_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 66 B
97 B 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/tw_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 90ec4e6600f62db196a24bb5eb6ff4eafca82084c9f3b95520cbce94e9f36224

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:01:14 GMT
age: 447
x-guploader-uploadid: ABg5-UxfkwJUZk9g7lAMhR7nGlmKSnPoC5gTCDcSCH6JAKDC2XD7zqNGyWt83RhLEoQdb7KFUv72C3dQFJw8N1gULyg5cJcdWg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
last-modified: Thu, 21 Feb 2019 08:49:36 GMT
server: UploadServer
etag: "11d89550068ebfac0c1ef489211c715a"
x-goog-hash: crc32c=dXGtPA==, md5=EdiVUAaOv6wMHvSJIRxxWg==
x-goog-generation: 1550738976336889
cache-control: public, max-age=3600
x-goog-stored-content-length: 66
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 11:01:14 GMT

GET
H3-29 200 vn_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 97 B
125 B 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/vn_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:13:46 GMT
age: 3295
x-guploader-uploadid: ABg5-Uy2udxD4hGErsslSgFDFmKUGFrcNZD1ppLPgizcC7gGkhhkLfY7qSZxDABudOVEnfPdVwbLObnyAo0ywcts7wMJARFvUg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
last-modified: Tue, 20 Aug 2019 03:10:31 GMT
server: UploadServer
etag: "9ab805e8e5990ef2f6e5490772bebde8"
x-goog-hash: crc32c=yqWvcg==, md5=mrgF6OWZDvL25UkHcr696A==
x-goog-generation: 1566270631279906
cache-control: public, max-age=3600
x-goog-stored-content-length: 97
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 03 May 2021 10:13:46 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
35 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNWCKX&l=adAsiaDataLayer

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18e660daaf0521696bf961cd95369409a2612d032b6b7c7f5c4b80ca502bebf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35651
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 10:08:41 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%9...
https://sb.scorecardresearch.com/b2?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%...

64 B
328 B

67ms
66ms

Image
image/gif

13.224.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0%20%7C%20%E5%9B%BD%E9%99%85%20%7C%20%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&c9=
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-70.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 4lUWDdssski09b2ctx6cVipcjWJzIdahNIzasuUZoLGHxHc6Uw6ZJg==

Redirect headers

date: Mon, 03 May 2021 10:08:41 GMT
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=17813110&ns__t=1620036521918&ns_c=UTF-8&cv=3.5&c8=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0%20%7C%20%E5%9B%BD%E9%99%85%20%7C%20%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&c9=
content-length: 555
x-amz-cf-id: ejXZoJU9CYQkltHt1PM4E-TCf0QL03szNL56YH1Kd2SS0ykB-gwbkw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 186 KB
52 KB 896ms
882ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4042368252370408&correlator=958491705054274&output=ldjh&impl=fifs&eid=31060784%2C31060854%2C31060950%2C21068766%2C31060895&vrg=2021042901&ptt=17&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=2163006%2Codn3-story-leaderboard%2Codn3-story-1x1-p3%2Codn3-story-mrec-1%2Codn3-sidebar-halfpage%2CODN_Story_Article_Recommendation%2Codn3-sidebar-mrec-1%2Codn3-out-of-page%2Codn3-sticky%2Codn3-billboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=320x50%7C728x90%2C320x50%7C1x1%2C320x50%7C728x90%2C300x600%7C300x250%7C336x280%2C320x50%7C1x1%2C320x50%7C300x250%7C336x280%2C1x1%2C970x90%2C970x250%7C336x280&fluid=height%2Cheight%2Cheight%2C0%2Cheight%2Cheight%2C0%2C0%2C0&ists=4&cust_params=sublimeskinz_yes%3Dtrue%26inskin_yes%3Dtrue%26env%3Dproduction%26route%3Dnews.entry%26pageType%3Dentry%26channelSlug%3Dstories%26sectionSlug%3Dinternational%26entryId%3D408221%26page%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1620036521&dt=1620036521963&dlt=1620036521464&idt=463&frm=20&biw=1600&bih=1200&oid=3&adxs=230%2C230%2C230%2C990%2C1030%2C990%2C800%2C-12245933%2C245&adys=242%2C476%2C673%2C140%2C165%2C941%2C0%2C-12245933%2C108&adks=3652709448%2C1383072381%2C2846166866%2C3629341576%2C3881334754%2C4120957964%2C4291626634%2C2734664800%2C573015177&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x864%7C760x696%7C760x696%7C380x800%7C300x800%7C380x800%7C1600x1608%7C0x0%7C1140x0&msz=728x114%7C760x1%7C728x114%7C300x624%7C119x25%7C300x274%7C1600x1%7C0x0%7C970x274&ga_vid=1620095717.1620036522&ga_sid=1620036522&ga_hid=997599534&ga_fc=false&fws=128%2C0%2C128%2C640%2C640%2C640%2C0%2C644%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a6c10d407e47b490dc9421ba6c1391cc5007a9f61ffd0c395ad318e893d2e0d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO7br6uirfACFaaGgwcdXBEA5A&gqi=&layout=/sadbundle/%24csp%253Der3%24/14731663085902272421/728x90_verti_v1/728x90_verti.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO7br6uirfACFaaGgwcdXBEA5A&gqi=&layout=/sadbundle/%24csp%253Der3%24/14731663085902272421/728x90_verti_v1/728x90_verti.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: -1,138277609950,-1,-1,138347968290,-1,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53282
x-xss-protection: 0
google-lineitem-id: -1,5138373968,-1,-1,5680502552,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 03 May 2021 10:08:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=997599534&t=pageview&_s=1&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0%20%7C%20%E5%9B%BD%E9%99%85%20%7C%20%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1013750369&gjid=991746565&cid=1620095717.1620036522&tid=UA-21383972-1&_gid=167127260.1620036522&_r=1&gtm=2wg4l35CLJZ2K&cd1=408221&cd2=9&cd3=%E3%80%90%E5%85%A8%E7%90%83%E6%99%B6%E7%89%87%E8%8D%92%E3%80%91%E6%9C%AC%E7%94%B0%E6%B1%BD%E8%BD%A6%E6%97%A5%E6%9C%AC3%E5%BA%A7%E5%B7%A5%E5%8E%82%E3%80%805%E6%9C%88%E9%83%A8%E5%88%86%E5%81%9C%E4%BA%A7%C2%A0&cd4=%E5%9B%BD%E9%99%85&cd5=international&cd6=18&cd7=6&cd8=Stories&cd9=stories&cd10=news.entry&cd11=entry&cd12=1&z=1157121785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 21ms
7ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34014
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 165 KB
39 KB 21ms
20ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b09ad439ff485aba8b9d97edfa65dbbd75adfdb69912aca7337c824a78bf96

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Apr 2021 13:36:50 GMT
server: cloudflare
age: 562986
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Tue, 11 May 2021 10:08:42 GMT
cf-ray: 6498b0872fdd05c4-FRA
cf-request-id: 09d34ca879000005c44cb10000000001
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
95 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-21383972-1&cid=1620095717.1620036522&jid=1013750369&gjid=991746565&_gid=167127260.1620036522&_u=YAhAAEAAAAAAAC~&z=454557497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 May 2021 10:08:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-21383972-1&cid=1620095717.1620036522&jid=1013750369&_u=YAhAAEAAAAAAAC~&z=246206813

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-21383972-1&cid=1620095717.1620036522&jid=1013750369&_u=YAhAAEAAAAAAAC~&z=246206813

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-54a426232642d27d/ 2 KB
806 B 21ms
20ms Script
application/javascript 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-54a426232642d27d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-150-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c88d845b367e443779f79a0e4d91f60957bcf26ce6f0c71b22d668cc8ee52ef

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
etag: 1709248465--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=29, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 630

GET
H2 200 orientaldaily_MY.js Show response
api.popin.cc/searchbox/ 119 KB
31 KB 46ms
8ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/orientaldaily_MY.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: b449c35feb6ec8d321af1ea832e7ae20cc2df9eda67664886c3de5de68997fda

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 03:34:32 GMT
server: ECS (frb/67D5)
age: 411
etag: "c2cd4bb921e4cc0d3cb906324ddaecee+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: X9AXW6XPG663Y2QP
content-length: 31812
x-amz-version-id: d3tzgbd7Gl68ZpPCARUu1cOgQ04yeFWJ
x-amz-id-2: HUgAORqbAK2jGro5WHvPj26nkAt9y3LfL19HZ/808w32JZyCzBxu+c0VzYoGPEmLGTh95SKT0SI=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: vYX7T3fQsKIQq4c48OdEkg7OvVP2EK7X1R0ePOr8hQRPhSWcIbaXL6HIzSS47kUWjIZiNQELo3wzrbXFTIcLkA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 03 May 2021 10:08:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
10ms Script
application/javascript 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 03 May 2021 10:08:42 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 2371761693035398 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 73ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2371761693035398?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a084ad5b6374eb1f1d876486d3c0a0a3b05e9aa2ca4a11b5e442acd302895fd4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 72KYJBq0PXHN8Cl8H6RNunfjkFKvHDFUf+K735YU2rFCzfs+FVNlNheoiEJoM4NY59rYrUZohUaxOQX3Ek1d4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 03 May 2021 10:08:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 client.zh.min.json Show response
s7.addthis.com/l10n/ 3 KB
2 KB 42ms
10ms XHR
application/json 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.zh.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a07132c63f32901121bd4b72134ab4f12b5bb4074dac39927f72a01456122e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-a39"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
date: Mon, 03 May 2021 10:08:42 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1523

GET
H2 200 td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 7ms
7ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_MY.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2018 09:42:51 GMT
server: ECS (frb/669F)
age: 1329
etag: "17b2e8b253e693d224f7d8407e28e1ea+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: 7S8YTRRP0TVMEKXV
content-length: 12707
x-amz-version-id: null
x-amz-id-2: rZ1ZzwlcWc8BVoLRQBraTZs6kbvZ5Xdy58D2BqUq9yHBVS/GJgYv5hjU55hJiHZJSno/Uy6vXUQ=

GET
H/1.1 200 recommend Show response
my.popin.cc/popin_discovery/ 66 KB
14 KB 1271ms
510ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://my.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&&device=pc&media=orientaldaily.on.cc_2&extra=windows&agency=ftk&topn=50&ad=10&r_category=all&country=my&redirect=true&uid=7fea90abc64311cd8671620029322416&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUUzJTgwJTkwJUU1JTg1JUE4JUU3JTkwJTgzJUU2JTk5JUI2JUU3JTg5JTg3JUU4JThEJTkyJUUzJTgwJTkxJUU2JTlDJUFDJUU3JTk0JUIwJUU2JUIxJUJEJUU4JUJEJUE2JUU2JTk3JUE1JUU2JTlDJUFDMyVFNSVCQSVBNyVFNSVCNyVBNSVFNSU4RSU4MiVFMyU4MCU4MDUlRTYlOUMlODglRTklODMlQTglRTUlODglODYlRTUlODElOUMlRTQlQkElQTclQzIlQTAlMjAlN0MlMjAlRTUlOUIlQkQlRTklOTklODUlMjAlN0MlMjAlRTYlOUQlQjElRTYlOTYlQjklRTclQjYlQjIlMjAlRTklQTYlQUMlRTQlQkUlODYlRTglQTUlQkYlRTQlQkElOUUlRTYlOUQlQjElRTYlOTYlQjklRTYlOTclQTUlRTUlQTAlQjEiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vd3d3Lm9yaWVudGFsZGFpbHkuY29tLm15L25ld3MvaW50ZXJuYXRpb25hbC8yMDIxLzA0LzI5LzQwODIyMSIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJ3d3cub3JpZW50YWxkYWlseS5jb20ubXkiLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjIwMDM2NTIyNDE4LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&callback=_p6_93576a24ead8
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_MY.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 2278c8b0860b6749d4e5729bffafbbbc383939ff04c60100bb9878d4d990b5eb

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.13.5
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8

GET
H2 200 popin_discovery5-min.js Show response
api.popin.cc/ 160 KB
44 KB 7ms
7ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_MY.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 05:29:34 GMT
server: ECS (frb/669F)
age: 1711
etag: "f79eec0db79e4ee72508fa8efd009240+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: 8ZXYF51MKBZQTVYA
content-length: 44641
x-amz-version-id: jEbzWfZyhCQGPbOuuiAnvhe2d7E0IQE3
x-amz-id-2: cPz9voeGh6hA9l5fHpgdf25jS6tbrO/YSP8F0n+dQr4FMqxOGuDFpBBcd/f8DgcsAnuEPtxI5zc=

GET
H3-29 200 2690700094490823 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2690700094490823?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c7b84cc82a8e0004a25b7dacc3d874dc75de3b5d0231c2c2845d075cfb6fa07

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: VcKE3SMr60kO3SCa02epTovseLe002GzYn/waHbRBwkDIW5nYx+ZNDmx/GOGhsFGpphNYubjgaH3f4XMwkhiBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 03 May 2021 10:08:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
362 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2371761693035398&ev=PageView&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&rl=&if=false&ts=1620036522478&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1620036522475.1159903381&it=1620036522357&coo=false&exp=l1&rqm=GET

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 May 2021 10:08:42 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2690700094490823&ev=PageView&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&rl=&if=false&ts=1620036522564&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1620036522475.1159903381&it=1620036522357&coo=false&exp=l1&rqm=GET

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 May 2021 10:08:42 GMT

GET
H3-29 200 container.html Show response
5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACB2 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.orientaldaily.com.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.orientaldaily.com.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 10:08:42 GMT
expires: Tue, 03 May 2022 10:08:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00DD 0
0 43ms
42ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyB6wiqp8jm4xo6UqAFP0-VoEiibfaP_bQ5BkfOk4VlTxw3TXm0El10ZWEeN4u7PlTIrQP5cvi-Wd6-SmsAVBGk3O4FGpE-xf_RG5XuiZAuknBgkzmo86i1ubC3a0hfonrDkI3oTD47xaRBEjbTt9SNdOYTk9dbclp_1UeTk0lKyn0xCyvwUGm9GkWdfr7JdxkAgA_zYoR95hk8YSM4DJVCSiO2JZGldBry0dNazynrhR0VW9HRBnXL8v4MPkUMvzSgkyJxeTSxbWfPf0oh1fDdf8tsb_z-xCBTTpc5OxqAQoC7i0RqwXbJE62dnwciVGblMR66DbT5Ka5GQIF8A&sai=AMfl-YTP9FJGv-DvVgoeDWWcF4T9XM8wffAv8I74Kc7jn4gRKCSNAgN2YBISmm0NX3zP2VnZu_Go0OoC6Q0JSGSAprYzGArguBzrdTmV3PMYzOAm2gGIBqe4DOz45Vps4pQ5&sig=Cg0ArKJSzJrTyg-8AzxAEAE&urlfix=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 10:08:42 GMT

GET
H2 200 placement_1652.min.js Show response
adunit.datawrkz.com/tms/data/placement/ Frame 00DD 5 KB
6 KB 43ms
15ms Script
binary/octet-stream 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adunit.datawrkz.com/tms/data/placement/placement_1652.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fec9eb37c5edd3617758787a6e663a93d164d4b5b8bd8c39ef137bce586c3a0d

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wS_Q4W4Uns79vJ_0eEp1oOy2BhIFQ62I
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront), 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 09:14:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1, FRA6-C1
etag: "7197d37a9b6ed27968ed83fc1445985c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Mon, 03 May 2021 10:08:42 GMT
accept-ranges: bytes
content-length: 5492
x-amz-cf-id: lK6jO4dt8DKXYxryhtYCGbELySu04rfcehx0-msUiRSk_qXjrBalbw==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00DD 116 KB
35 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:42 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:42 GMT

GET
H3-29 200 container.html Show response
5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 857E 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.orientaldaily.com.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.orientaldaily.com.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 10:08:42 GMT
expires: Tue, 03 May 2022 10:08:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame B512 190 KB
55 KB 32ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B512 12 KB
5 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B512 87 KB
27 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B512 27 KB
9 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B512 40 KB
13 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
DATA 200
OK truncated
/ Frame B512 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6ad7225b3dbcf7caf7520474d6e491c46c845d289032a75bd1c971b84f29d27

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B8E 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.orientaldaily.com.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.orientaldaily.com.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 10:08:42 GMT
expires: Tue, 03 May 2022 10:08:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D4E8 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.orientaldaily.com.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.orientaldaily.com.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 10:08:42 GMT
expires: Tue, 03 May 2022 10:08:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 10518273093985405042
tpc.googlesyndication.com/simgad/ Frame B512 21 KB
21 KB 23ms
7ms Image
image/webp 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10518273093985405042?sqp=4sqPyQRJQkcqRQhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPvgBAYICEhUAAEhCGF8gXygBMAE9AAA0Qo0CAAAgQg&rs=AOga4qkyGRAhdy3sHEH5iLL6Wmsqf5WWXQ

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc49ec597107c5bceb543692d771af6c1eb1af0a373e1044b94bb5261df9a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:49:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 12:39:12 GMT
server: sffe
age: 224369
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21012
x-xss-protection: 0
expires: Sat, 30 Apr 2022 19:49:13 GMT

GET
H3-29 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B512 3 KB
3 KB 22ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 01:30:54 GMT
x-content-type-options: nosniff
server: cafe
age: 31068
etag: 12051390396603846657
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Tue, 04 May 2021 01:30:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B512 344 B
368 B 31ms
15ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 47305
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 03 May 2021 21:00:17 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B512 0
0 30ms
28ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVvGosFbo85WoNR84lLgEhUHzl-dXGdyRXLrpZxrpXTU1w5fNpbYRJlcjFq9T6fxFfIQ0n
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B512 0
0 47ms
45ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2jhtqsuPYO_eBKaNjuwP3KKAoA6tvZnKYqDvrJX2Ddb6nr9EEAEg3uW3Q2CV-vCBjAegAZXYtcgDyAECqQIWA0dbryy3PuACAKgDAcgDCKoEtAJP0LUiP1H9OIsN4lK1G1mSf9dPHmqNW0V4yl-ADnKhlp9RCOZ45-I7IeSTgdW74bYkpwwtjNDaDjQQWtOMxLlWmclpwiVN3_oZQ711r_x5KKHgjk22lMRS88RLZKoJPvOfUzszTXrJhI1rLuZECysUaOEw8jXtru3K-WfTBR4gpb1Gn_RqPm6GGMRsqXTSD3ogWRsd2Ex13_MGsAvNLb2evFHSDhLzLrLRMx9LqsNW797BhiJV6BI2B4SnRj2K79mu5YIxaoNGy7Q-XKPGyL2OcOVYKYEY_MQxGh8rh3C6J4AXn9GZdMgnCSITyzAcoaLUVDm-Ztj45XxU-xZiEypMMCbugkkhUVhFkmvCZ7FyPGWn1GUCz8DW1bQc6Jzu-Fc9n9FXxbXD4nKqVKJICmtgQ9ID2sAEnYDi77ED4AQBkgUECAQYAZIFBAgFGASgBgKAB92c9WKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ79Ac0ggJCIDhgFAQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTM0MzA1NjExOTY5Mjg1ODk&sigh=OdzJYDvIMJ0
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryTWaMBweWBWZNIjzN

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 03 May 2021 10:08:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 outstream_vpaid.min.js Show response
adunit.datawrkz.com/production/outstream/banner/static/ Frame 00DD 68 KB
18 KB 10ms
9ms Script
application/javascript 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adunit.datawrkz.com/production/outstream/banner/static/outstream_vpaid.min.js
Requested by: Host: adunit.datawrkz.com
URL: https://adunit.datawrkz.com/tms/data/placement/placement_1652.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8658ef8a0aa1f5030f821aeac3b040230224c767824b2b413511c6404533ce7

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:39:24 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront), 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 25 Oct 2018 08:31:49 GMT
server: AmazonS3
age: 62960
etag: W/"fdca7d26e6c63908a2ae262821b2dcac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1, FRA6-C1
content-encoding: gzip
x-amz-version-id: null
x-amz-cf-id: 3Nukxkeli5GAW8veXp1rQXSSjZWfLLkmm828dDe6D-8L_ClKp4m6eg==

GET
DATA 200
OK truncated
/ Frame 00DD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81913cfdb14939878aae06cb4393ae652e0225f1f6e99e69db52be824665701c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4222 478 B
303 B 31ms
30ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngZsYw73gIBeNk_4TyTckbsPJvNfE5YUqSvplL8O_IZn8sF8eVnJOT-sgaesw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 10:08:43 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACB2 58 KB
24 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Chlzwk5IR2um7HY1Gt98fTbIx1faV0DwaxUXm2GPE7qcVGhuB976gmkMBGN97xkC_F1mPBhY2ZkSUNejatams2_uW06CBOyE5AsJRyilGJtz-gPc0JhPDQUrtLAVMNrLltr3eOKwIEVjsADb_IwcqAQ0rllg&dbm_d=AKAmf-CH9kYOtFmvbWqPSJSz7qxC6XxRttrdQZLDmanti0Ahm3IeoYswYzio4lXuuPL8jla1jrRPffvP6S4989Cv3uTa5U_u6NDnMccls9LgEt7GOkOg9qjKF0JxAIjAfFeZkavBpCtWOFG5mDitceaMUMJN6A1rtD_eR6gjSPDbslnOdjkTEV3Wjc0ojv-WFasnMpPtoot-uWmb8eMBwkQ8lGQRoCyBWq3tWWFVeu_aXhRuqEksCugiRs4ZbIhCopL7MmpBEsUNPaCpHqKxMP7nuZlO9_LKwwHj1MwQuqxEerUqtRUemgKFr2uu4JCc_lVhumV3fL3pJfndc8Z6RK1W9OaYlHxY3_mM33okiXaUwaXN3uNFo51q0DmOC9aIvhonsF7FFQFXmYYzJtUQ94_u6H9xZRFiDkVaFKtgn_3kYNjML1fPuL-gGzweNlJnKnsMCbFK6Ud6afOfqDBcV6a4wocjNoNcNzaqvi8uA5a5oWPBzUrtvKJP6gEfzAKPiiwifAH3ezkSdNKPPZb3le4oMut_QJs_jPofqRypYPXJNvyxevyMMSTJnO8Q-Mwj194aXPL2Q8gJj8fDeR_I9l_p1pcldhWtngWf06LVT4gUIl9La_mZCvDXMGR-4tcpInJUhL5g5r1uCWMw0niFOHCwtuWuebL-t-E9gVJfzb0ZLUH0iwcdCTZIRZiyFYviYxEMOqllc26p2e7kJoMn85tCw6s8qnYHz_ihPYDpvASxstYhE78h6Vxk7o3aBZbuX0JTN8pPjgoDDTIeso2fDzZ2lFdu-WKBj5TxXYxMpd7jM0k2R_EclQH1lmS0IN1FDpmT6V4hXik7JHpDT3Kwjb0aekwkmSUxhVhNobQivfdhi-DbB3thGngAAOTk-nGCyL2xReHjKz2-USqTOvSmCCT8ZkAz6QMTA-lEF80kQEB67PNv_tu0AnhOMAVv4YsJO313pMZAFC8HC2ebRGShEGjqUUSEe3edQsWk85yTdqwzDQazaN6DSHvqNPikEv0DWPiSiIUhFd5-8JUPX2NLppEMmtcGRerFM38CNsLiIG5G-hZ-X7gA1gfRgXzvjiFCLxK2-jWYsBj7lfrdgIoZKAK4Ur12sohb-qbdikLXX8ZLIlHGuZQFvx6PzVVrWaJDHkT34RyrcMWtIpK_uNR84OludrfbpCCGms7WOC8JRtYiXMH8ZWm2Zpx9Bp7IDu02-ja5Bu7sjXzQrqzB5vFV3tUBn1g7mCyEhDwY5jbhlT6S8ijZiO3nSCgw5-keokBYpFH6mAWGZ2IvjdwuzIwq9kDRyQADaFczan6-qVkhFO2h4tyMNQTglPFAt4RXpZhaiIHNE9xFjGrSs68gVuQ71LwS9snPrdkEgC3RhMLDIAJW2Jm6XWUbrhSU3mIY2mof4l46iuk5a4qCpXkeCExUoKScLqASFCtFNWn2gqppRAOqd0CTOYcoTqVgInpEYnd78DijYViRFGbTqTGW2K4bkk_huzeQ9fKydtmAwTrpHzDIbmKU9dRa5xx-rW56TfFR6PjSAMcDfeP3uioQSQRsAwm8sQf9-FCIHlpP7cBYid0z67TyI_jEiA6K8a4YAVIq95wkIAVmwU-nv278bCzfvXWiz9m_1uRUu-_JagZ4zEyFzN456BQdb0q4gBNkhVCaYxVguotOw946myC9PBqocDN3-ynx2WVZTMmlJu8QBe0Dh8wJd0sDCO9sZQI5_MAD0OUbSI3BV-ryx9Ko6iCRRaFUpCU5Bkg0_U2ksnvV32mWWKaSFkBfLYytME72pV3Bmfe3gNgunJQRZ9oVwBtCB9A5Gl6kGo87nl_pLm7WK6wUPTuTL1cAzs6A4ttyWiXec8JGXON1M2aL_VvVFXhOQ73H4TNZeJx4Lg1Mx0krP4RsP1EqVHlwOVTT7mU0uFH9fqdTNC2UFlQ644e_2i1WHkW6v07GuOGnE4K-JW-ofTz7Etm3lnTX9Iw6TAcX0vQhIPLuJ2NFDNykrGFRIvvVi-z_y90AzlPKKvn6kev5LVamgvxeFTj4atvCeAHZG94DDlBmXwW7Igg1oo7gitfECsaa1DYsL_coq0_pcj2ZEPqz3X-ibvmq8ISTUtEdJsG560ULftO6OBz70fR_j5MA0Nr3y7tawYLCi4V7ZiEOZdRzELvf2ts5SYvVNRVDbbXGglOKhJj-YcAYLGqrkHeONiyts8FfqXi-bDvTVkxaJizR8i341GlBbCK5LWG80TdF6vqKrLAnZvptqlJkm2B3-1J7xVxU18hLG0cLUVy_7jl6nosKkCUhDjF1rG5TWHH0DsN1A14aSd60zHoaA4KBDiu_RpgysBwI5G5ln_oD8XI0DcZHWmxnteEElr0tnbvAabbedWaGuTazyaDk6zlak_1Z_75XcSLxT-KINt5EXV_WDYWgz77clTmQmZOjznWqz9i6lF1mYmHjRQ0oEz6jWIARaOB0jhAoe0t1U5y5sHuzelpbyiAsuRcHuyrJoOyb-EFqyHzCK9U5j8LDt2vnXBR0LVxwUbNcUbWaFX_nAoDow16huiMAklQpAcKe-_XkScrvw2FlK62yJApumvTGCSYqqi4ZmKBv0GbTdqmp9YgPcwF7mfFbD8Q5YCajgY6D5BKRZyv9SHji4x7lVQysb4SrPLzsrp38AvWdmUQNXQ1TE2tFmkUU7PtqU31sS0WPz6IHNl7IiFOQ4JYe8KocglF9RkwGlc5bTdqGw36A1Lzo9lIoyXGy9DV_1bKaZp19rGmn0f3LceaSm3HWQ1uyX3KPFIhTJ5Egvws-Oq0or-Wh0g-V_a-B_AoeB7se1RtpNOrDNuJdIf5w6EMEmSTsTMmW6QfWuIPyNtNMl_aXDvHYBY-a-23ZEnNZQT-S8rgqd9BqjbzwkMYxCFmvQXZd3JmErqBQsd02vC1OAyvJWzJfyR0GilMFVUTVKse2-18hdw8QVy6x4dtjMEHC-RwhnsYbwsEEooygT83IdRKDNa6O_LOO7z20nPc1s8m7MIF-0rkHPJftw549GOONfR4zMEObn5VQiLOFpWppfEYznAWOz7nr0qaDYzPw87rbXPvvZB-B-B-dyYXQhqVNAWoqUSYDqRAtZjSXq7Icoz4UNaXmPYYMhZG9ZTYEBa6vUZ4JjOJDsLu76eZfN7-c114cezeVkmAqiXt5I_2OX3a9UuPyXkrKh5E-eLgqkCegaHS7CLculzammh-8tDY3JHnlQ2Fj0A2_uLXiWnB9mUxK6Cb4GpqQIbLau3ADZX5eJFxMXOKEun87-pFLYFSiDkX69TWNpsMKBjjIfD_ImsG4XgDz37fcK9wkv6M&cid=CAASPeRoJrSkorO8sEHW0QMywY2aqk_DfRNTMu7GtZe4uwUy6NgTvpJSP565LuTbv7uL7bkOSHXqFGzoPaOvxzU&rfl=1%2Chttps%253A%252F%252Fwww.orientaldaily.com.my%252F%240

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc41fb7670446239d732df8bcf82b5f45bd8ee69e4d9f3b837136c1715724ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACB2 42 B
173 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA3H3bRdJlRutT779W6HoRHq3yHsKhK7G_LqWTT8SfvgW4ufUc2Q8Zj0tUja1kovPkDfJjRO-zrUd01cgcr8KHdY3dA4qALI8mOHh8HQQ6RvH8__8

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame ACB2 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:04:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACB2 116 KB
35 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame ACB2 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:06:32 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvSTWrF0MpjrHwGA5

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 03 May 2021 10:08:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 728x90_verti.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/ Frame D53D 139 KB
78 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56dbe47b7d70f669fe5ad76a4c6d923196f462d0b3fbe34f1b3f4a08897c14a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 27 Apr 2021 00:58:23 GMT
expires: Wed, 27 Apr 2022 00:58:23 GMT
last-modified: Thu, 11 Feb 2021 15:57:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 79890
age: 551420
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 857E 0
0 43ms
42ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CL20FqsuPYO7eBKaNjuwP3KKAoA71ksysYqDO6aahDb_hHhABIN7lt0NglfrwgYwHoAG_57vEA8gBCakCDkyD0ocqtD7gAgCoAwHIAwiqBLMCT9BaMpLmUlV40KLRvfPugLfh70cJl5EAsFqoQjgGB9XgXWU4b330dtK8QmnzOZaHSvTAGXco049NUnlURi0BeymulO9rsqmwQuI4XCZ5O22yS4ssG_AYc4iUGt9XOhu52R2D972dKS2aYWnXyiwXCw9IdxpScT0YKicP-pxuozFWf3aC14KIYkX7dVcg3E5iNm7VxXb8tKLqpPydXHU6T1yql7gGZz0YyyrslEOjlQ_R1FNkYLzIH6MuGR4i2ThnvMJm05f8ONgRgr2j5qjfNfYR7O01WtQRW_78ks47R6LaU-sP3juQHoSFfc3Y4pZXfpkI-yH0nGNEuhbuvquCSM3t-X0dw-Jh2j1gP4XXHqQLZ8LKCjVNB0XqUxGqTVQEQsbAXzcRi3jTCoP7Fta3V5E1EcAEkuyt4McD4AQBkgUECAQYAZIFBAgFGASgBi6AB8CJlR-oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvPwN0ggJCIDhgFAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTM0MzA1NjExOTY5Mjg1ODk&sigh=pW_STKqXvHA&template_id=419
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 857E 17 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:05:44 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 857E 2 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:04:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 857E 116 KB
35 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 857E 13 KB
5 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:06:32 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6B8E 22 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4840
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 08:48:03 GMT

GET
H3-29 200 13151739800984636550
tpc.googlesyndication.com/simgad/ Frame 6B8E 77 KB
78 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13151739800984636550?

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47be6f942284b870eef8c85306d752eaedc9da6007dae9b9992d83732f020d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 13:02:15 GMT
x-content-type-options: nosniff
age: 335188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79335
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 11:27:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 13:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B8E 116 KB
35 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 80AF 611 B
363 B 27ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW4_bB8kHOqXKB0lai_7r1u65gIXH3b5ssk6fg9SBPYMbOgf3OD_wOtXHAGHsLKG6ZhWN4FNBhVx7_56Ldty3Gej_xPPiDEGSsHsyO55DPoK0FPX7P4z-LIPpVqsrDUtf3uVMDLLW-5SACsvt22-MQIkGN0PmwJF2kfaRncJwhtHRo0LC1i6VxGHssBEKIQP7f1HRBaUKlOj4c2BZevuypN5WAJZQ

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW4_bB8kHOqXKB0lai_7r1u65gIXH3b5ssk6fg9SBPYMbOgf3OD_wOtXHAGHsLKG6ZhWN4FNBhVx7_56Ldty3Gej_xPPiDEGSsHsyO55DPoK0FPX7P4z-LIPpVqsrDUtf3uVMDLLW-5SACsvt22-MQIkGN0PmwJF2kfaRncJwhtHRo0LC1i6VxGHssBEKIQP7f1HRBaUKlOj4c2BZevuypN5WAJZQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngZsYw73gIBeNk_4TyTckbsPJvNfE5YUqSvplL8O_IZn8sF8eVnJOT-sgaesw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 10:08:43 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D4E8 24 KB
12 KB 45ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDcn8tA8xmqkcRwlA6RXj838D5linCzCDcmfwkywa7u_JPhbE63BV-rXYJxk9CAggp60Rjt1FGIJ4DNgfAoYwPXbAKzPt3OT2SPAkdWaF9fHdL7iepP39ya5BZdlSf_oYL0KWLrNgnPYSe1sN6qKR-ddGCRg&cry=1&dbm_d=AKAmf-AcmQyH19sNHI6hQbLgKM-0J8MHg40RA6Q9Pi6OC0defb0eKZ6vY4wI-uoXcomGnF7dxB8xFlARod4ByE2aeCsolKfSPg9dmwxshADUkRsN_lAPIPnhAHe62fl3lay6oQ-Vfu0kOiU47R6WVEcrmea2b57G5xN5oUULxwFwj2kfN-fccwGS2WTcPoiQVSkxCo3eT_MnnaO8RUWK4LTbmZMTLsAMPs4SWFHd33KV7GrZAY1wMAbDwcNfZasgwicrWYUVv7OFOPoNwUGX64lSmBAA8rHLcZ20LYcD65bAIqmuNqjz-Vu5qWlIv1AGRs2imW9sIf9t_0MuACtf3XzK7HxN9Hn70hvOk7NYW5m2tuOZhXEnvcW1waZmoYU-hFj8t1teZC2D3Nl0wnTrTIUxSNx_O2G5jrIusxbPvG0fM0HfDbmUQrfzKCVHz4t_uSSQ4Wb1q1ROovrXsn9KUpnpBYQsXtn9BUTQZ962ElThB7MppZV41pVZq8UPk2C94l5GMQy7acEYFg7EDSfHkwF7QFqMvlWyENgVKzEtr99CR8W1zdCCq12t6s_qcPj54kWAttnHbiYqFUKiZkuCx-FYbd0aImkKnLOVneJsoXb6pveRcuCN-JR2s6vO9bd0rIrVeoVsxwBOhgcGnvcMg1tUO6jqij4GbcIEtNUNupSyOnoquGACRnNYCL3Bw7xSvxSmaBfDgw-9oe1-D6VHhRrDNztuyg_ZQ7ianTQBTn_n2UnuNTNXZKkca7Nse3ErJsuSWpUbII4M_oe_vMzgCt5NKCtX81yJOp8OK1ypvJuOPHs-I7vahVlWwhF1_IJa4MOHh0nVu6_qJLZntVdWIGcQyrKy-aZ1vrsYPDE9rbPeQeEIa3T9Hk0BfPYYj4WJzxvxoiwroV4ypmdXZt3KUENxQ5pUqM9UUSjelmXkKq11-t5gmZrPIF7wM23NIYyG2jAQFNkde6Nw-Uhlko3Y6tVOZNOBgQWUbwjgM6go8LqQty3YoDfUZMSInl_bU4KfbVP7_SfbKw9yNqWEQeb_LQV0ml6XFei7HrxTfx9afYr0UX4yu4Py84Ux--55Wqcf4r61lbvRdfeSc2L_HHy2q_R2UZvCy6VfK0Gb-35789TZHp5ybvBBmdZLkpXuU-maFjQyXHsOP71c-O3CzODs5tv2qsV4F8wDaVLkaH5kMbcndnuBmJveWNfxIu04H8QZjnmvuXxsjMzETDJt-w_C1kjYKiG1Q0EnTtLRb4MhY_6WF5u5eYqk_ItPzJn_GHu1rCYYZ8eeW2I6dSuGNlbPszbPORL1I0omuSmCabKah7ptnRU1v_pxPfrGgfzA6rO6A1WJG2tmqMKiaYHxSjEGon5Co77KDRV5rjdLJ_NZehTAVUPfWtVt8aAoHXuWmBCN5-Dj1-Hw-TGmzNObZOuME4pcirkDivxOk9Bwt5tOiDUh1zJRgOLlcDG8t0uRONBEMPF0minCat3tJMom3LaQiTNGYI7iE4IHwjEDWgxpBGHwF1FVwdZLV8YlzTmMGwDxtUroFjQ-2e--RXY_IpM-hnTUMoXVO8hsa6MvR6Lek_l2GNhwxv-7SJarRznCULMPUqLVQegGvcTxNtBtoUHwGGXCFHy_k8_9fh0OWgnWiu-bTu9SZ1WkTWA4kEsUY6gRLaHGz48kkJlT8d16NIpe7lR2RGhBN6DwiZbmKMo1Syx00ax-4kO7YtNEXxP5ez_A1nQRTkFAv-AqCWuKeNvpHzSzk3gO93U-Pj6KZngEVDL1nTfzxAKTz2FKon2Am_7XeQe_Jv08tHuOODY2Bmuw3bHh71dp4CyEHC6yWJK27KjpM_I0Kb9k7bX38V2g-jsBG8Dvn2wgCGw01iqx3_ZbwwEZKlUwwZkJb7fwtVK6fcxq1unSUkMWR9j-7mTiXGA_jqGxi6aE0rel_ylfl_PVGiodLrOUBvkcKG4y16qVTxZG6cpYj4u5_GCVdHNSuymI6QDAtpg8Vfvautldd0U-Wws_bMppMBEQUpmb29Lk89IWqlPFizDBrJP55oSvlaj4wR_IJP_ya0aMRHt0UvgUqGICxPSPggeVIX8Cc1bTYvHMGpFjAF-m4vCqzOqm-PbYUGNQfvsfINRtCCu-xArAO2fUICCKCc7reX7K1JsMYioYdlypvqG8r272A6dFL7iexVKP1NfT0b21QWSFM9BPwXbMhwyHjxUA7FkOd-4qNmBqgtwDXoVElNgcM2h9moxSqztmLHc8THSkGP6aK-INevymAY895j3t7KFogJ18xRJwbJlU20Xz_dLEs-o7n3UnYFjlFE8Vu3L6qwT8aWjTbZn82JQwPqwQVXrhcTApWG25XvdrTOjQOq4F8Uj7j8cLJm4xQfCAJWS8uzQzitCOIp3z7VjpdcOMYP0CONee2HTDaHIkXLhuhY0RW11AoD7ARurOucZ29GttFfDToKTnvQ0lXzc7edvqphp2N4puAlnRBtPUUQcXP9YMuXZk7Sibf3onGeMhUrb3SFaU-Mb1IyASvU_RwNShE2-UVyI4KTiQzMfJ_p7MfR9ltgPEufuTxp7zOOZ_OPLcI8t4qEB_gIwG4_SeFJKf-2hKbLpTxytUU0Df9MKzOEJ2IFZGYxk2Q3lN_eGhn-bjxw-cLmLklvVLmPn2d5bolvnseRmsCVeqMmc8SngN03ALSgrU1jDDznLkcnGPABZszIYnzlwXso-BkMjjzkrNo8joR8NZ4aE1L9RiVhS0ENuWYnxgE_Dw6k_DuohAm9sH_T4P9_AQ-o7IffXp6WNdY00mtKaJLDnW9Y8NYTG0BBiA81-D1hX2dqt3Vqxa1Y1wSNd4OdPxMiuqBkp-uHgsjzyvmbse2kdVEmgEEmaAaSfo8-QeQSRQoCE-CtDuknumlJ2hjA3tT4dEq7LJ23QS9rSVii60MD9rkD_cvqVjsy3__x954UxoWZrV5P6D4aijjnwZZ_bd9oTGFsc7V-g0qy0vC70spw4Fn3bX8EHu6q9u5CjpPXuBglqFZ_Bnr__U6GljlF2voM-GtgtMWXkHtl2Yps7lVh2da3kYFKPXpcWkBLs6yP3Jtws6-U2bkM_enItvQlozUmdHqz3R9FMAnCeg5rUL1D32B-95ncT68uniKETsK1vzUiA_ZQq6moQtlbqVukm03hnIHGEKXplPXYIAYYmO10qC8GkhVbmeZVyBwL1ogo0u_kNLSOMmTOzWqV6kRS0Ah1E9W59I2tbYaUrKL9va5herTRbkf7rLBlMNsoqQ3wSdwdIiUN1z6GTdawtRsdHVxwsDUJZu_67z2oZ65sYPtZWRG9QuMCLg95XlhJ60J0wukK_CqTP8ZoEBsJEx67ZecuLivF1MQO2jrU54feVwQNtnNgM3NAHgUmBH1zWR47HjOnf_Cqrc_IsE&cid=CAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k&rfl=1%2Chttps%253A%252F%252Fwww.orientaldaily.com.my%252F%240

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ab7fef8db8c76ab90101108ec9b28f62b23187df034087a15dac94ae2c5839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4E8 42 B
107 B 50ms
36ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjmP84Z2XJOGwUxapYU0gtGS2fmOH-CaLE1o1JjLJQP_xe8wsdEFn0vUg_D_VFqLq9G1YquUXU4ymBp1p43KDLJ0ibRmGfyNiaJzPYCMoWgHAdXZs

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame D4E8 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:04:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4E8 116 KB
35 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame D4E8 13 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:06:32 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D4E8 0
0 21ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7FwVBMy0PV4PRZtoWTdfUaByCgc3jK9OkvAEzSnlE7dgRy3hPsW0UN3-_Th2kwwRwdWTW
Requested by: Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B512
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

49ms
47ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00DD 0
0 56ms
41ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspWOnCE7GeDvI3rtylR9MU96OHWz0M6rcbx83WBTjRWHWIFbD0droPlYoQIrelNT3M6dS9XkJphMZcGtlX9zWnPTtP7RDUnfJjR00m0ZVdKiTxzTqPNODTfGSMKfwx_aUAy4e-5Dtcf37FK9FZF8L-UOVnHdoxTdYURCm1zekzv10_UqfSLOOzA6BJ7SwNRVMs3hKQFlR3U6gCUPGQ3YE4K_wXeOU_vfFRqulTdoI2dmcrDnH-EsFDABPYgOjRQ7A5WntAISbVhD4HkZ6CEZ4YMZLdRzCwhq3GDOM228ePk7WBBX7mm7ElYDGV5XbcX8P8Aw&sai=AMfl-YQLPoQ-GPGXvaFjdtkBS8I3CzT20ErsFRtg9iOT91WKnzCkgB-AUflf4du7cxMN4kNBu24e3FLhVO-kcR_wAJ025751T9m1O_1EA9BY-rmQ5pL4eth5CwAvesldLXPJ&sig=Cg0ArKJSzOOju1LcZLqcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 10:08:43 GMT

GET
H3-29 200 10518273093985405042
tpc.googlesyndication.com/simgad/ Frame B512 21 KB
21 KB 6ms
6ms Image
image/webp 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc49ec597107c5bceb543692d771af6c1eb1af0a373e1044b94bb5261df9a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:49:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 12:39:12 GMT
server: sffe
age: 224370
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21012
x-xss-protection: 0
expires: Sat, 30 Apr 2022 19:49:13 GMT

GET
H3-29 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B512 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 01:30:54 GMT
x-content-type-options: nosniff
server: cafe
age: 31069
etag: 12051390396603846657
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Tue, 04 May 2021 01:30:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B512 344 B
371 B 6ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 47306
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 03 May 2021 21:00:17 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame ACB2 111 KB
39 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82831
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 May 2021 11:08:12 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame ACB2 8 KB
3 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Chlzwk5IR2um7HY1Gt98fTbIx1faV0DwaxUXm2GPE7qcVGhuB976gmkMBGN97xkC_F1mPBhY2ZkSUNejatams2_uW06CBOyE5AsJRyilGJtz-gPc0JhPDQUrtLAVMNrLltr3eOKwIEVjsADb_IwcqAQ0rllg&dbm_d=AKAmf-CH9kYOtFmvbWqPSJSz7qxC6XxRttrdQZLDmanti0Ahm3IeoYswYzio4lXuuPL8jla1jrRPffvP6S4989Cv3uTa5U_u6NDnMccls9LgEt7GOkOg9qjKF0JxAIjAfFeZkavBpCtWOFG5mDitceaMUMJN6A1rtD_eR6gjSPDbslnOdjkTEV3Wjc0ojv-WFasnMpPtoot-uWmb8eMBwkQ8lGQRoCyBWq3tWWFVeu_aXhRuqEksCugiRs4ZbIhCopL7MmpBEsUNPaCpHqKxMP7nuZlO9_LKwwHj1MwQuqxEerUqtRUemgKFr2uu4JCc_lVhumV3fL3pJfndc8Z6RK1W9OaYlHxY3_mM33okiXaUwaXN3uNFo51q0DmOC9aIvhonsF7FFQFXmYYzJtUQ94_u6H9xZRFiDkVaFKtgn_3kYNjML1fPuL-gGzweNlJnKnsMCbFK6Ud6afOfqDBcV6a4wocjNoNcNzaqvi8uA5a5oWPBzUrtvKJP6gEfzAKPiiwifAH3ezkSdNKPPZb3le4oMut_QJs_jPofqRypYPXJNvyxevyMMSTJnO8Q-Mwj194aXPL2Q8gJj8fDeR_I9l_p1pcldhWtngWf06LVT4gUIl9La_mZCvDXMGR-4tcpInJUhL5g5r1uCWMw0niFOHCwtuWuebL-t-E9gVJfzb0ZLUH0iwcdCTZIRZiyFYviYxEMOqllc26p2e7kJoMn85tCw6s8qnYHz_ihPYDpvASxstYhE78h6Vxk7o3aBZbuX0JTN8pPjgoDDTIeso2fDzZ2lFdu-WKBj5TxXYxMpd7jM0k2R_EclQH1lmS0IN1FDpmT6V4hXik7JHpDT3Kwjb0aekwkmSUxhVhNobQivfdhi-DbB3thGngAAOTk-nGCyL2xReHjKz2-USqTOvSmCCT8ZkAz6QMTA-lEF80kQEB67PNv_tu0AnhOMAVv4YsJO313pMZAFC8HC2ebRGShEGjqUUSEe3edQsWk85yTdqwzDQazaN6DSHvqNPikEv0DWPiSiIUhFd5-8JUPX2NLppEMmtcGRerFM38CNsLiIG5G-hZ-X7gA1gfRgXzvjiFCLxK2-jWYsBj7lfrdgIoZKAK4Ur12sohb-qbdikLXX8ZLIlHGuZQFvx6PzVVrWaJDHkT34RyrcMWtIpK_uNR84OludrfbpCCGms7WOC8JRtYiXMH8ZWm2Zpx9Bp7IDu02-ja5Bu7sjXzQrqzB5vFV3tUBn1g7mCyEhDwY5jbhlT6S8ijZiO3nSCgw5-keokBYpFH6mAWGZ2IvjdwuzIwq9kDRyQADaFczan6-qVkhFO2h4tyMNQTglPFAt4RXpZhaiIHNE9xFjGrSs68gVuQ71LwS9snPrdkEgC3RhMLDIAJW2Jm6XWUbrhSU3mIY2mof4l46iuk5a4qCpXkeCExUoKScLqASFCtFNWn2gqppRAOqd0CTOYcoTqVgInpEYnd78DijYViRFGbTqTGW2K4bkk_huzeQ9fKydtmAwTrpHzDIbmKU9dRa5xx-rW56TfFR6PjSAMcDfeP3uioQSQRsAwm8sQf9-FCIHlpP7cBYid0z67TyI_jEiA6K8a4YAVIq95wkIAVmwU-nv278bCzfvXWiz9m_1uRUu-_JagZ4zEyFzN456BQdb0q4gBNkhVCaYxVguotOw946myC9PBqocDN3-ynx2WVZTMmlJu8QBe0Dh8wJd0sDCO9sZQI5_MAD0OUbSI3BV-ryx9Ko6iCRRaFUpCU5Bkg0_U2ksnvV32mWWKaSFkBfLYytME72pV3Bmfe3gNgunJQRZ9oVwBtCB9A5Gl6kGo87nl_pLm7WK6wUPTuTL1cAzs6A4ttyWiXec8JGXON1M2aL_VvVFXhOQ73H4TNZeJx4Lg1Mx0krP4RsP1EqVHlwOVTT7mU0uFH9fqdTNC2UFlQ644e_2i1WHkW6v07GuOGnE4K-JW-ofTz7Etm3lnTX9Iw6TAcX0vQhIPLuJ2NFDNykrGFRIvvVi-z_y90AzlPKKvn6kev5LVamgvxeFTj4atvCeAHZG94DDlBmXwW7Igg1oo7gitfECsaa1DYsL_coq0_pcj2ZEPqz3X-ibvmq8ISTUtEdJsG560ULftO6OBz70fR_j5MA0Nr3y7tawYLCi4V7ZiEOZdRzELvf2ts5SYvVNRVDbbXGglOKhJj-YcAYLGqrkHeONiyts8FfqXi-bDvTVkxaJizR8i341GlBbCK5LWG80TdF6vqKrLAnZvptqlJkm2B3-1J7xVxU18hLG0cLUVy_7jl6nosKkCUhDjF1rG5TWHH0DsN1A14aSd60zHoaA4KBDiu_RpgysBwI5G5ln_oD8XI0DcZHWmxnteEElr0tnbvAabbedWaGuTazyaDk6zlak_1Z_75XcSLxT-KINt5EXV_WDYWgz77clTmQmZOjznWqz9i6lF1mYmHjRQ0oEz6jWIARaOB0jhAoe0t1U5y5sHuzelpbyiAsuRcHuyrJoOyb-EFqyHzCK9U5j8LDt2vnXBR0LVxwUbNcUbWaFX_nAoDow16huiMAklQpAcKe-_XkScrvw2FlK62yJApumvTGCSYqqi4ZmKBv0GbTdqmp9YgPcwF7mfFbD8Q5YCajgY6D5BKRZyv9SHji4x7lVQysb4SrPLzsrp38AvWdmUQNXQ1TE2tFmkUU7PtqU31sS0WPz6IHNl7IiFOQ4JYe8KocglF9RkwGlc5bTdqGw36A1Lzo9lIoyXGy9DV_1bKaZp19rGmn0f3LceaSm3HWQ1uyX3KPFIhTJ5Egvws-Oq0or-Wh0g-V_a-B_AoeB7se1RtpNOrDNuJdIf5w6EMEmSTsTMmW6QfWuIPyNtNMl_aXDvHYBY-a-23ZEnNZQT-S8rgqd9BqjbzwkMYxCFmvQXZd3JmErqBQsd02vC1OAyvJWzJfyR0GilMFVUTVKse2-18hdw8QVy6x4dtjMEHC-RwhnsYbwsEEooygT83IdRKDNa6O_LOO7z20nPc1s8m7MIF-0rkHPJftw549GOONfR4zMEObn5VQiLOFpWppfEYznAWOz7nr0qaDYzPw87rbXPvvZB-B-B-dyYXQhqVNAWoqUSYDqRAtZjSXq7Icoz4UNaXmPYYMhZG9ZTYEBa6vUZ4JjOJDsLu76eZfN7-c114cezeVkmAqiXt5I_2OX3a9UuPyXkrKh5E-eLgqkCegaHS7CLculzammh-8tDY3JHnlQ2Fj0A2_uLXiWnB9mUxK6Cb4GpqQIbLau3ADZX5eJFxMXOKEun87-pFLYFSiDkX69TWNpsMKBjjIfD_ImsG4XgDz37fcK9wkv6M&cid=CAASPeRoJrSkorO8sEHW0QMywY2aqk_DfRNTMu7GtZe4uwUy6NgTvpJSP565LuTbv7uL7bkOSHXqFGzoPaOvxzU&rfl=1%2Chttps%253A%252F%252Fwww.orientaldaily.com.my%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:03:40 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame ACB2 22 KB
8 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:04:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame D4E8 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDcn8tA8xmqkcRwlA6RXj838D5linCzCDcmfwkywa7u_JPhbE63BV-rXYJxk9CAggp60Rjt1FGIJ4DNgfAoYwPXbAKzPt3OT2SPAkdWaF9fHdL7iepP39ya5BZdlSf_oYL0KWLrNgnPYSe1sN6qKR-ddGCRg&cry=1&dbm_d=AKAmf-AcmQyH19sNHI6hQbLgKM-0J8MHg40RA6Q9Pi6OC0defb0eKZ6vY4wI-uoXcomGnF7dxB8xFlARod4ByE2aeCsolKfSPg9dmwxshADUkRsN_lAPIPnhAHe62fl3lay6oQ-Vfu0kOiU47R6WVEcrmea2b57G5xN5oUULxwFwj2kfN-fccwGS2WTcPoiQVSkxCo3eT_MnnaO8RUWK4LTbmZMTLsAMPs4SWFHd33KV7GrZAY1wMAbDwcNfZasgwicrWYUVv7OFOPoNwUGX64lSmBAA8rHLcZ20LYcD65bAIqmuNqjz-Vu5qWlIv1AGRs2imW9sIf9t_0MuACtf3XzK7HxN9Hn70hvOk7NYW5m2tuOZhXEnvcW1waZmoYU-hFj8t1teZC2D3Nl0wnTrTIUxSNx_O2G5jrIusxbPvG0fM0HfDbmUQrfzKCVHz4t_uSSQ4Wb1q1ROovrXsn9KUpnpBYQsXtn9BUTQZ962ElThB7MppZV41pVZq8UPk2C94l5GMQy7acEYFg7EDSfHkwF7QFqMvlWyENgVKzEtr99CR8W1zdCCq12t6s_qcPj54kWAttnHbiYqFUKiZkuCx-FYbd0aImkKnLOVneJsoXb6pveRcuCN-JR2s6vO9bd0rIrVeoVsxwBOhgcGnvcMg1tUO6jqij4GbcIEtNUNupSyOnoquGACRnNYCL3Bw7xSvxSmaBfDgw-9oe1-D6VHhRrDNztuyg_ZQ7ianTQBTn_n2UnuNTNXZKkca7Nse3ErJsuSWpUbII4M_oe_vMzgCt5NKCtX81yJOp8OK1ypvJuOPHs-I7vahVlWwhF1_IJa4MOHh0nVu6_qJLZntVdWIGcQyrKy-aZ1vrsYPDE9rbPeQeEIa3T9Hk0BfPYYj4WJzxvxoiwroV4ypmdXZt3KUENxQ5pUqM9UUSjelmXkKq11-t5gmZrPIF7wM23NIYyG2jAQFNkde6Nw-Uhlko3Y6tVOZNOBgQWUbwjgM6go8LqQty3YoDfUZMSInl_bU4KfbVP7_SfbKw9yNqWEQeb_LQV0ml6XFei7HrxTfx9afYr0UX4yu4Py84Ux--55Wqcf4r61lbvRdfeSc2L_HHy2q_R2UZvCy6VfK0Gb-35789TZHp5ybvBBmdZLkpXuU-maFjQyXHsOP71c-O3CzODs5tv2qsV4F8wDaVLkaH5kMbcndnuBmJveWNfxIu04H8QZjnmvuXxsjMzETDJt-w_C1kjYKiG1Q0EnTtLRb4MhY_6WF5u5eYqk_ItPzJn_GHu1rCYYZ8eeW2I6dSuGNlbPszbPORL1I0omuSmCabKah7ptnRU1v_pxPfrGgfzA6rO6A1WJG2tmqMKiaYHxSjEGon5Co77KDRV5rjdLJ_NZehTAVUPfWtVt8aAoHXuWmBCN5-Dj1-Hw-TGmzNObZOuME4pcirkDivxOk9Bwt5tOiDUh1zJRgOLlcDG8t0uRONBEMPF0minCat3tJMom3LaQiTNGYI7iE4IHwjEDWgxpBGHwF1FVwdZLV8YlzTmMGwDxtUroFjQ-2e--RXY_IpM-hnTUMoXVO8hsa6MvR6Lek_l2GNhwxv-7SJarRznCULMPUqLVQegGvcTxNtBtoUHwGGXCFHy_k8_9fh0OWgnWiu-bTu9SZ1WkTWA4kEsUY6gRLaHGz48kkJlT8d16NIpe7lR2RGhBN6DwiZbmKMo1Syx00ax-4kO7YtNEXxP5ez_A1nQRTkFAv-AqCWuKeNvpHzSzk3gO93U-Pj6KZngEVDL1nTfzxAKTz2FKon2Am_7XeQe_Jv08tHuOODY2Bmuw3bHh71dp4CyEHC6yWJK27KjpM_I0Kb9k7bX38V2g-jsBG8Dvn2wgCGw01iqx3_ZbwwEZKlUwwZkJb7fwtVK6fcxq1unSUkMWR9j-7mTiXGA_jqGxi6aE0rel_ylfl_PVGiodLrOUBvkcKG4y16qVTxZG6cpYj4u5_GCVdHNSuymI6QDAtpg8Vfvautldd0U-Wws_bMppMBEQUpmb29Lk89IWqlPFizDBrJP55oSvlaj4wR_IJP_ya0aMRHt0UvgUqGICxPSPggeVIX8Cc1bTYvHMGpFjAF-m4vCqzOqm-PbYUGNQfvsfINRtCCu-xArAO2fUICCKCc7reX7K1JsMYioYdlypvqG8r272A6dFL7iexVKP1NfT0b21QWSFM9BPwXbMhwyHjxUA7FkOd-4qNmBqgtwDXoVElNgcM2h9moxSqztmLHc8THSkGP6aK-INevymAY895j3t7KFogJ18xRJwbJlU20Xz_dLEs-o7n3UnYFjlFE8Vu3L6qwT8aWjTbZn82JQwPqwQVXrhcTApWG25XvdrTOjQOq4F8Uj7j8cLJm4xQfCAJWS8uzQzitCOIp3z7VjpdcOMYP0CONee2HTDaHIkXLhuhY0RW11AoD7ARurOucZ29GttFfDToKTnvQ0lXzc7edvqphp2N4puAlnRBtPUUQcXP9YMuXZk7Sibf3onGeMhUrb3SFaU-Mb1IyASvU_RwNShE2-UVyI4KTiQzMfJ_p7MfR9ltgPEufuTxp7zOOZ_OPLcI8t4qEB_gIwG4_SeFJKf-2hKbLpTxytUU0Df9MKzOEJ2IFZGYxk2Q3lN_eGhn-bjxw-cLmLklvVLmPn2d5bolvnseRmsCVeqMmc8SngN03ALSgrU1jDDznLkcnGPABZszIYnzlwXso-BkMjjzkrNo8joR8NZ4aE1L9RiVhS0ENuWYnxgE_Dw6k_DuohAm9sH_T4P9_AQ-o7IffXp6WNdY00mtKaJLDnW9Y8NYTG0BBiA81-D1hX2dqt3Vqxa1Y1wSNd4OdPxMiuqBkp-uHgsjzyvmbse2kdVEmgEEmaAaSfo8-QeQSRQoCE-CtDuknumlJ2hjA3tT4dEq7LJ23QS9rSVii60MD9rkD_cvqVjsy3__x954UxoWZrV5P6D4aijjnwZZ_bd9oTGFsc7V-g0qy0vC70spw4Fn3bX8EHu6q9u5CjpPXuBglqFZ_Bnr__U6GljlF2voM-GtgtMWXkHtl2Yps7lVh2da3kYFKPXpcWkBLs6yP3Jtws6-U2bkM_enItvQlozUmdHqz3R9FMAnCeg5rUL1D32B-95ncT68uniKETsK1vzUiA_ZQq6moQtlbqVukm03hnIHGEKXplPXYIAYYmO10qC8GkhVbmeZVyBwL1ogo0u_kNLSOMmTOzWqV6kRS0Ah1E9W59I2tbYaUrKL9va5herTRbkf7rLBlMNsoqQ3wSdwdIiUN1z6GTdawtRsdHVxwsDUJZu_67z2oZ65sYPtZWRG9QuMCLg95XlhJ60J0wukK_CqTP8ZoEBsJEx67ZecuLivF1MQO2jrU54feVwQNtnNgM3NAHgUmBH1zWR47HjOnf_Cqrc_IsE&cid=CAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k&rfl=1%2Chttps%253A%252F%252Fwww.orientaldaily.com.my%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:04:21 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D4E8 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161446
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 13:17:57 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D53D 9 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 03 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D53D 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14731663085902272421/728x90_verti_v1/728x90_verti.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 03 May 2021 23:11:01 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C374 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngZsYw73gIBeNk_4TyTckbsPJvNfE5YUqSvplL8O_IZn8sF8eVnJOT-sgaesw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 09:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 708
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 857E 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 740f68600f208e86496c7228f2ba79c11fa8f7873f4f1a0bd547dfe6de8e149e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B8E 0
0 42ms
42ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTAPDdet0hGOoWDdTikXXyrB4CPEEsDQul7_6TG2J2Lf-2OfsKTZajjhvocP-7Ew27onhww-PtjM0TiRqrTUlISbTIO8dbztj3wwAacQXMyPsYY6X33fhnnqdOsX4A248ZX__FKFthd1GtxqXesneP_3upHHk22jgNxm2A2U8qhtIbaBwN0kK-xLF55SpCWRvDm20uKZ-Kj4SZpnwdQ4pC_kEIRQqHeFfr5o3wO6MR6Jj5Mzl_ctohkPRlp5ysYJ8Pq7e7exoP9_kRS2wCgwFaJgeYko59PLbN2BEztr_fcP_iiTN7gvtTTAogLVvn8cf1Ewvlc421zxRmT4UIa10&sai=AMfl-YT9vAxVOTEMcpSkqE7Ys9zXSNSbwVt3NGGD5_XOgB5WJzmOi8uTre5EJW6Av_MMTvoYeiGwxhcTCfZjeNLxEYi51nCvIOzG4U3Oj763ZZ0djnI3KvraDkKzq1Pxpt1O&sig=Cg0ArKJSzAc3r_pcTEIeEAE&urlfix=1&adurl=

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B8E 0
0 42ms
42ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqAibxWilKzhSwOBLn35eyS3wj7MPFDsi2-yGtWFIICQybVVflKhT3ASAMl9C9w4zDGTleDIsZgSKyV6z044ycHEmw6GO5xQWzefYUf8ZBWYxsFOQJnOa_knhxrdI31z_75N9sCGfjuVT2Bxw-tEVEPEp2Qxhmy06nXCs98gNyV8P-at0cjX84mFqg5VYNOoHD4ab5xgP8h40PcdN7lZouTHpUZeVzPROUit_5bwCRWF2Tm76-1D7kLPrZU7dyK1hxA4fQlUjF3ZxSqPEV18qv7Awn1i1ob2x3aG5HT6FYfjyggYQ1Mw4IiIQc1tiE9CYcA7rCZnKhPIYqQ4vAlGvH-A&sai=AMfl-YTBJzfaVTjfbuWBtyRCZKi2HLicS8TL5asgJBd9GUaNaiqrm-W9_lVSlGCgNj86cQwQwjJgyY3XuoBL_fRZDYHLY-cQAx_7OP1P9bfISQtU8zvm9fHifjiEjGGz7emp&sig=Cg0ArKJSzHowSA7eZmp_EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 10:08:43 GMT

GET
DATA 200
OK truncated
/ Frame 6B8E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d589802031066158affccb1d8c6070ac6cad98b7723290f6eb9b8d23bcb6713f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4222 170 B
243 B 40ms
17ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4222
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1

43 B
1014 B

32ms
18ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 10:08:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4222
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YI-LqzklRyuIjMAY1Gu8dAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYs43DpQEwAQ&v=APEucNXWNnyAUBBnEG_oUNrG8xRT3DP-0G50VjlYB5mCNcqb3avbcMydfpU3BaZHc1B9iYoEAY4PCthVbaWMo5YZr0P8rZu6gWp0HeKWad3fAE-8_p3p8azjLKVkyYmyYYwOIdUY3QzFYLEW7Me84BPaoTwzaP9l7lUJ-ECBfSLUWrq-naI-IHs1vx7kdOfTNrjqIVLFWBhHoewVcqfrdzuB5wMyUEJXig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 10:08:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEByn7NDyJ3JblF4xFxxbSFk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 80AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF12vHG9s1lVQaU-oXF8LWM&google_cver=1

43 B
1 KB

46ms
19ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF12vHG9s1lVQaU-oXF8LWM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW4_bB8kHOqXKB0lai_7r1u65gIXH3b5ssk6fg9SBPYMbOgf3OD_wOtXHAGHsLKG6ZhWN4FNBhVx7_56Ldty3Gej_xPPiDEGSsHsyO55DPoK0FPX7P4z-LIPpVqsrDUtf3uVMDLLW-5SACsvt22-MQIkGN0PmwJF2kfaRncJwhtHRo0LC1i6VxGHssBEKIQP7f1HRBaUKlOj4c2BZevuypN5WAJZQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
X-Proxy-Origin: 193.176.86.100; 193.176.86.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: cb490f1b-096b-494d-8079-36cad460ac24
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF12vHG9s1lVQaU-oXF8LWM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 80AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEzMTczNTEzNDQ3MDEwMzU4OQ%3D%3D

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEzMTczNTEzNDQ3MDEwMzU4OQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
X-Proxy-Origin: 193.176.86.100; 193.176.86.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid: 25aaae44-d52d-4c28-aa7d-1ec78ba4412f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEzMTczNTEzNDQ3MDEwMzU4OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 80AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENbUOdVP1vYwPB3GUfNXVNI&google_cver=1

43 B
180 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENbUOdVP1vYwPB3GUfNXVNI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNW4_bB8kHOqXKB0lai_7r1u65gIXH3b5ssk6fg9SBPYMbOgf3OD_wOtXHAGHsLKG6ZhWN4FNBhVx7_56Ldty3Gej_xPPiDEGSsHsyO55DPoK0FPX7P4z-LIPpVqsrDUtf3uVMDLLW-5SACsvt22-MQIkGN0PmwJF2kfaRncJwhtHRo0LC1i6VxGHssBEKIQP7f1HRBaUKlOj4c2BZevuypN5WAJZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENbUOdVP1vYwPB3GUfNXVNI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 80AF
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTM3NTY5OTgtZDE2OS0yMzlmLWM1Y2ItZjc2ZDAyNjA3MmVh

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTM3NTY5OTgtZDE2OS0yMzlmLWM1Y2ItZjc2ZDAyNjA3MmVh

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTM3NTY5OTgtZDE2OS0yMzlmLWM1Y2ItZjc2ZDAyNjA3MmVh
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 13ms
13ms Script
application/javascript 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 03 May 2021 10:08:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 13ms
13ms Script
application/javascript 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 03 May 2021 10:08:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
294 B 1265ms
1263ms XHR
application/json 23.79.150.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.150.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-150-67.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.orientaldaily.com.my/news/international/2021/04/29/408221
last-modified: Mon, 03 May 2021 10:00:00 GMT
server: nginx/1.15.8
date: Mon, 03 May 2021 10:08:44 GMT
content-type: application/json
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
DATA 200
OK truncated
/ Frame D53D 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edb8936b32c88634b453eeda0880544b01e8a4e160f58597ec337cb6cb7ac446

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e42577eafc4f5a8c723ee60de3666678c01ebbcc4ae89aa6191f5a1dddd7a85d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82c5718c38637180ee2b3010c2f908eb4055eda5c5f2749ce9773e732f1bad2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8192e34564628ef7affc86ea2366e33ecef09a7b018816dd7834bb58f6f4e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aad79d11d173d978abb0f3443d713df05afee2b4b11302d4c248a598c6939bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e310120d045ba13f53592619927c955432fb0bb3d8ebe7a4ee007a5e5da625c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6746540ef497b296c43699fb9bb060bfa6425f0bbf1ebfb866cfd1cdbd13cd09

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 822a038f5c6e1bb2ec5794383d4a672d4a96824036f7b96e6b6bced757282b00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edda46aeffb96bada6878c641dc24c040691389d702864d90bca15e55ebf4901

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e192513c59dd6979ea130dccd8d92c279e91b96027e58d6ed9b32624326626d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c7405fa794a21e2ae320d9c266874bdf0023e9eada97c5830921a615a3e437

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b10625de0d6b039fd7f29e0a78695202dd3b0077b40b1a369a42a76fe972e55b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 724366bf0c290f4827cf17e6236679ff198d56893c5c847d2d038bdbff0bd43b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D53D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d519e99a13e9c33794dc42528180d7fd14f71b8cfd7e1238fc092b39819bd31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E7E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 02 May 2021 19:55:07 GMT
expires: Mon, 02 May 2022 19:55:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 51216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/8264868/1619111140812/ Frame FE2B 6 KB
2 KB 21ms
7ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8264868/1619111140812/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b22cbc93292eb507de8802152fe20f79c96c7927cc8cf838912c4b18134a3f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8264868/1619111140812/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2403
date: Sun, 02 May 2021 10:53:42 GMT
expires: Mon, 03 May 2021 10:53:42 GMT
last-modified: Thu, 22 Apr 2021 17:05:40 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 83701
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACB2 0
575 B 71ms
48ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPvMHJskYBeCPHzOimBb_sHgpuakET6-PyVTHpT2qUbX1lvaaX7VTTyRy3I9TSW55PoXq5mO1_NpgJ6R6nMyMnP5go0sAyA2RkwY8reM6GrYhX25eSCU3rlCFpaPtXHZ22z_UWv3wgAOKdMisaCqQXq7NxH9-wsCqS-9Ba-sar8wtMbNCmfDYXeqed6Xj2PDIwyeMQMgFOcFj2WIhtHqKSRefz0TCMxytuUWv-UXqTCKmAxeft5r0G0be2b8JqoRUVaZ9xYYOl5WxS8bezsLTedRcrBU-plSVa-qpTbGYHfOqzDn7bnznJlnWPkGim5O1iOFrZ0HeLfOJzcwv7A60kSjHkTkDYL0oNpTejp6zIngv-gYZGIhiJbdDyDl04NuZ5vC2oUGGw8fzVpWi2pQd_U9BYVd3kfWAWcv1tXAG3Jl4UeQRtujENk6kyV8YTAsZjjXXCjpFZPzTO5wilL4XZmZHuxmQkXbNRch-E3so1T0yA_uiLGUTFZyp9g3RefIPumsFHgdD0ahC3kvQyFX1TJ9j3YwMYEANIlWTszhH9KPWWrwPUXKMwNpeqI7IqMk5zlO0_EKYW3OLYOh0BORXV9nZLyPkZE2xcNG5gRtmydBJZ0CMXGXXU2uR2VId7aI15G24xV5TFaR7u1VVbaBcVhUmhg4tEBDeXYU8QsGUXKEQ8t76Kx85ACdacw7qjI4pN4zmIZ3NgQKzMT72qUXm3f3MrDAV95xlqmpIAH1r6_EP3bQyxAdn1baNSdaVewc4MPnY83um5nd0o3QGiCKNIuQA3HU0PDjMQIMXIr3CS8pw5zhe1Q-vcEfef6ztrAYgDj6iCBQ84w1r9zPc7UKFMK95LNj90fV0UEPsOgLuYAmqWXUzU-wuXKDlYYGIc5IlWgRwoKZXeiu5EsDOK6efaZLT1dpeeCVxBlqXCdoxcNgAzKJvsnORRAwEHaoLgt8bOx0Nm39qhHIsSCYnz9c2_oowD-CjePi7l11pvwoh3FL2z3QZGqfBPybf6NO1f2GM9aicJWOxS1t-Oy_qwkpjZGRstJxwKfCaeisB35CiS32u-ZWui7jewEhnlydCWjsq7WJlcPgoiAz-9QhVinxZWfd8FmpeRTaWp8RQ4NjKcBi4Yy7D2IIFQZcwJ-byXE_KoM55HTsHtQ9mVG-9jnhod03MNRC-YygRJwaAFJhA9IsmwG8bSPBX74LpZZskIQrTe5jG_KKgURO4HVebDhAAoGbemFscS1B5b53pDAvdCDf4yvgAjRG6vMgM-ofM7HbYXHydv&sai=AMfl-YTrqdiz2OpU_ZiYsN1rCOCrL9Up0n8qdhINeeLZG3UdrZ7WPrWcopf2F5b2OW657HRM4CHqOMrefY3GX3eUpbwQHTOhmmSyOze-Dcpf3eWRE0KqroLVhhPXrFsOKcL2EbNYlYvxccGE5otFHTcue9sD1tYOlRl3BuBozv6kvjiivl30hoaE3XKUldjVSvhvFywoNmczNWcFHvnoSzifdNpiGSX_R1ZOBk4yN7kb8bpZ7uvYIiEHG_0P6dESFiBsNTQ&sig=Cg0ArKJSzFxYb3bfNi3JEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=196&cbvp=1&cstd=194&cisv=r20210428.49901&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 03 May 2021 10:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACB2 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161446
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 13:17:57 GMT

GET
DATA 200
OK truncated
/ Frame ACB2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe253b706e08315dc6e62f1b59d9ee4190e92360bb968e283f593fb6c21c309

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK hjtkt1t9m63l Show response
hal9000.redintelligence.net/zone/ Frame D4E8 11 KB
4 KB 37ms
13ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D
Requested by: Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ec2c01a3bbbd23323dd8df78253eae09052aadc6f631ad01266b3532d1a85129

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4013
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B249 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 02 May 2021 19:55:07 GMT
expires: Mon, 02 May 2022 19:55:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 51216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C374
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngZsYw73gIBeNk_4TyTckbsPJvNfE5YUqSvplL8O_IZn8sF8eVnJOT-sgaesw; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 May 2021 10:08:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 03-May-2021 11:08:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 10:08:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 May 2021 10:08:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame FE2B 236 KB
63 KB 40ms
18ms Script
text/javascript 2a02:26f0:7100::1720:eeb8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1619111140812/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:7100::1720:eeb8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:43 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 03 May 2021 10:23:43 GMT

GET
H3-29 200 PAY-BCR1-694_IIW_0_Spring_Campaign_HTML5-Banner_gtechnik-728x90-desktop-01.js Show response
s0.2mdn.net/8264868/1619111140812/ Frame FE2B 17 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8264868/1619111140812/PAY-BCR1-694_IIW_0_Spring_Campaign_HTML5-Banner_gtechnik-728x90-desktop-01.js?1618923077024

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1619111140812/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c2c89f65ed10a2be37e336f342daf5c160656bdfb1c365d3106d204a13fe2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8264868/1619111140812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83972
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3756
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 17:05:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 03 May 2021 10:49:11 GMT

GET
H3-29 200 fallback.gif
s0.2mdn.net/8264868/1619111140812/images/ Frame FE2B 37 KB
37 KB 7ms
7ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8264868/1619111140812/images/fallback.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1619111140812/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28efc9b96bd94f730b32056b45f729cf9389191ca7e47feb80587a6700fbc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8264868/1619111140812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:09:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 17:05:41 GMT
server: sffe
age: 82735
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37557
x-xss-protection: 0
expires: Mon, 03 May 2021 11:09:48 GMT

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame D4E8
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

95ms
73ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=5999300267218&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0b96fd03a43954fce7e1a2811554de4ef572be9ae3857bdc16bf39dbfb08004f

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 58928600088045800710584011583016
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Mon, 03 May 2021 11:08:43 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:08:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=5999300267218&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 03 May 2021 11:08:43 +0200

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E7E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2482
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 09:27:21 GMT

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame B249 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2482
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 09:27:21 GMT

GET
H3-29 200 PAY_BCR1_694_IIW_0_Spring_Campaign_HTML5_Banner_gtechnik_728x90_desktop_01_atlas_1.png
s0.2mdn.net/8264868/1619111140812/images/ Frame FE2B 25 KB
25 KB 7ms
7ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8264868/1619111140812/images/PAY_BCR1_694_IIW_0_Spring_Campaign_HTML5_Banner_gtechnik_728x90_desktop_01_atlas_1.png?1618923076993

Requested by

Host: 5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
URL: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

648aa010a8f608e98b98b4326b867ae3657ebea1bfb8a1c47224da9a1436d180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8264868/1619111140812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:09:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 17:05:40 GMT
server: sffe
age: 82735
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26009
x-xss-protection: 0
expires: Mon, 03 May 2021 11:09:48 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACB2 0
23 B 57ms
43ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 4A38 3 KB
2 KB 34ms
12ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=58928600088045800710584011583016&a=59a47c83
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=a0be44aef4&subid=&uid=9e3fbcf419c51a40&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCof65qsuPYPDeBKaNjuwP3KKAoA6P4PiGU_Woi6TKDPAuEAEg3uW3Q2CV-vCBjAfIAQmpAg5Mg9KHKrQ-qAMBqgSKAk_QJ4O5oDj-53XzB7QbHHyiDzMlyAM8IwvNc7UfS8OXmD9tTXnWCxMHJaRp1nfXVukj1zdiLr_wxluOuSHCUrUfRU5VzO0VkUtWGsBZQIrlHm30P0_Z0odsogAY-mtQpxRTEzh-l3x9e8GJ-DEGFmGB_FGeD9Q2oMF1iQ6VzzV3pIHaVsABAwj4JuQMZVeXO11zkAOhe5ClEwGemvkSQ3FGYy866Zg8lvJxg0hKf8uiVJ9KTS-A4aRKYQ8fUrXaXTexMjkn9bOwi-v0YrrKxbr42DLdyXwVrmv2Nh4OWqNdAJXHw5EZWREGBvfWd9sKEJr4l7FrGpp-Jp0UGNeZd5s5_99z4wLs0aWuwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo3KzvxWlYecq2rnLP9gRyZPm7_fqzzxl97BPeKMFK8kiAsHPR8p02MJpM1r__1jaKnWn7SxzsD8Abq6k%26sig%3DAOD64_1j8YY4JgnzjPmvZ8vuwgnSqz-fZw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-C7B6zZO88h0OdsBRnLzkCCeMIwpxbQOns7Fc5mErf4Y7ixocsZ8wfabwxYVRWV-7qTQorCOpoDhjEvs30pfyde8h3mOlmA3QlByCH_64ExdzLTV0Sw-DThyewO3M2R-ALx57-j8iOyG2nF87uegmSi-esETw%26cry%3D1%26dbm_d%3DAKAmf-CNnkduvKfn9J3pGLpQ9AjfkvLRxnXmhL5E8afrvcB74clbuqgl1KCRMOnOEWNbH_yHT40ijsWILOJH_j1qVpdXttjQp_WvlAMWbX9UB0-93JRulChY7uRQNw5WZXmvOB0yF9T1zzqaXK7JRTvbkUv1JV8PaSq1qONeGmFyjaRXSK-GqUL09pzG0CaC3g6wYb5DaU1LLtwRbPoY5TdM0A9Bim9NhOwDGzpp6boEnw0b2b6-j2ErOtjOxH-4vcbX05DAJvOwQYm0jCkX24Jw4Ia69ZQ_YyoG8hNJuXP6EqltggckutkfBFulaNakhdiB5tuv_5HwamX3MF6IXYEWHNX1WVEguirOuKD9yj0gysEmaP3TGajOmI-swW5EKTe9Fx-GqJXPM3QT8wnPU_lW6cClFk3-cXqWckal5pmDiwSG-8wzgxVAJFmGA9hRGMjYtjmbjH_uR2tlUS1a9jfyslaaC9vzWZ8b3JNXhaxsOwBfZH108bOfm10kKfbcAJ5ibmpurh_z%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=5999300267218&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1dc448e826cb995cf5b7cb56bb634043076e73ec1ddc3f23e69dc986f5a95fcd

Request headers

Host: hal900016.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=59878c3509451d62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 03 May 2021 11:08:43 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1336
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame D4E8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b06784cdea0c7423216bf925040427a83bba1f102b5c4e51d10015dd196ccbd4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 398ms
101ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1620036523762&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6NCwic21qYWQiOjAsImFmIjoiIiwiYXBpX2hvc3QiOiJteS5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjXzIiLCJ1cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJsb2dpZCI6IjRiNDU2NWJhLTllYWEtNDVhZi1iOWY2LWMzYTAxODkzMDczZSIsInVpZCI6IjdmZWE5MGFiYzY0MzExY2Q4NjcxNjIwMDI5MzIyNDE2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZTA3MDc0ODQtYTAwZC00NjczLTlkZmItNWQyYjYwNTE2ZDhmIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuOAkOWFqOeQg%2BaZtueJh%2BiNkuOAkeacrOeUsOaxvei9puaXpeacrDPluqflt6XljoLjgIA15pyI6YOo5YiG5YGc5LqnwqAiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm9yaWVudGFsZGFpbHkuY29tLm15IiwidGRfcGF0aCI6Ii9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImUwNzA3NDg0LWEwMGQtNDY3My05ZGZiLTVkMmI2MDUxNmQ4ZiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLlm73pmYUiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 03 May 2021 10:08:44 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 1037ms
256ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6NCwic21qYWQiOjAsImFmIjoiIiwiYXBpX2hvc3QiOiJteS5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjXzIiLCJ1cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJsb2dpZCI6IjRiNDU2NWJhLTllYWEtNDVhZi1iOWY2LWMzYTAxODkzMDczZSIsInVpZCI6IjdmZWE5MGFiYzY0MzExY2Q4NjcxNjIwMDI5MzIyNDE2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZTA3MDc0ODQtYTAwZC00NjczLTlkZmItNWQyYjYwNTE2ZDhmIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuOAkOWFqOeQg+aZtueJh+iNkuOAkeacrOeUsOaxvei9puaXpeacrDPluqflt6XljoLjgIA15pyI6YOo5YiG5YGc5LqnwqAiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm9yaWVudGFsZGFpbHkuY29tLm15IiwidGRfcGF0aCI6Ii9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZTA3MDc0ODQtYTAwZC00NjczLTlkZmItNWQyYjYwNTE2ZDhmIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuWbvemZhSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1620036523764
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1019ms
252ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&uid=7fea90abc64311cd8671620029322416&type=pc_pv&nid=pc&media=orientaldaily.on.cc_2&r5=ca_%E5%9B%BD%E9%99%85&t=1620036523764&tz=my
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Thu, 29 Aug 2019 01:59:39 GMT
Server: nginx
ETag: "5d67318b-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1041ms
259ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoibXkucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY18yIiwidXJsIjoiaHR0cHM6Ly93d3cub3JpZW50YWxkYWlseS5jb20ubXkvbmV3cy9pbnRlcm5hdGlvbmFsLzIwMjEvMDQvMjkvNDA4MjIxIiwibG9naWQiOiI0YjQ1NjViYS05ZWFhLTQ1YWYtYjlmNi1jM2EwMTg5MzA3M2UiLCJ1aWQiOiI3ZmVhOTBhYmM2NDMxMWNkODY3MTYyMDAyOTMyMjQxNiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImUwNzA3NDg0LWEwMGQtNDY3My05ZGZiLTVkMmI2MDUxNmQ4ZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLjgJDlhajnkIPmmbbniYfojZLjgJHmnKznlLDmsb3ovabml6XmnKwz5bqn5bel5Y6C44CANeaciOmDqOWIhuWBnOS6p8KgIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cub3JpZW50YWxkYWlseS5jb20ubXkvbmV3cy9pbnRlcm5hdGlvbmFsLzIwMjEvMDQvMjkvNDA4MjIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5vcmllbnRhbGRhaWx5LmNvbS5teSIsInRkX3BhdGgiOiIvbmV3cy9pbnRlcm5hdGlvbmFsLzIwMjEvMDQvMjkvNDA4MjIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImUwNzA3NDg0LWEwMGQtNDY3My05ZGZiLTVkMmI2MDUxNmQ4ZiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLlm73pmYUiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1620036523764
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 803ms
263ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJlMDcwNzQ4NC1hMDBkLTQ2NzMtOWRmYi01ZDJiNjA1MTZkOGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi44CQ5YWo55CD5pm254mH6I2S44CR5pys55Sw5rG96L2m5pel5pysM+W6p+W3peWOguOAgDXmnIjpg6jliIblgZzkuqfCoCIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm9yaWVudGFsZGFpbHkuY29tLm15L25ld3MvaW50ZXJuYXRpb25hbC8yMDIxLzA0LzI5LzQwODIyMSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cub3JpZW50YWxkYWlseS5jb20ubXkiLCJ0ZF9wYXRoIjoiL25ld3MvaW50ZXJuYXRpb25hbC8yMDIxLzA0LzI5LzQwODIyMSIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIxOTMuMTc2Ljg2LjEwMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImtleSI6ImtleTE2MjAwMzY1MjI0MTgiLCJub3ciOjE2MjAwMzY1MjM3NjQsImNsaWVudF9pZCI6ImUwNzA3NDg0LWEwMGQtNDY3My05ZGZiLTVkMmI2MDUxNmQ4ZiIsInVybCI6Imh0dHBzOi8vd3d3Lm9yaWVudGFsZGFpbHkuY29tLm15L25ld3MvaW50ZXJuYXRpb25hbC8yMDIxLzA0LzI5LzQwODIyMSIsInVpZCI6IjdmZWE5MGFiYzY0MzExY2Q4NjcxNjIwMDI5MzIyNDE2Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjXzIiLCJkaXNoX2NhdGVnb3J5Ijoi5Zu96ZmFIiwiZGlzaF9kb21haW4iOiJ3d3cub3JpZW50YWxkYWlseS5jb20ubXkiLCJ2X2Rpc2hfbGFiZWxzIjoi5pm254mHLOeslOiusOacrOeUteiEkSzlvpflhYvokKjmlq/lt54s5Lic5pa55pel5oqlLOS9jeS6jizlvbHlk40s5Yi26YCg5ZWGLOaRhOWDj+WktCznkKbnjonljr8s6ZyA5rGC5aKeLOWFseWQjOekvizot6/pgI/npL4s5YWo55CDLOWPkeiogCzoiq/niYcs54yb5aKeLOaVsOmHjyzns7vnu58s6L2m5Z6LLOWvvOiHtCzpo47mmrQs6YCg5oiQLOeBq+eBvizpub/luIIs6K+05piOLOaDheWKvyznlJ/kuqcs5ri45oiPLOeWq+aDhSznvo7lm70s6Zuq5LiKLOW4guWcuizkuIvovb0s5L6b5bqULOeUteWtkCzorr7lpIcs5Lic5LqsLOaKpeWvvCzpga3pgYcs5pe26Ze0LOWFrOWPuCzmnIDliJ0s56CU5oufLOS6uuS7rCzlh4/kuqcs572R57ucLOaUr+aMgSzmtojmga8s5o6o6I2QLOWRqOS4iSznu6fnu60s5bqU5a+5LOWHuueOsCzmiqvpnLIs5Zug57SgLOiLpuS6jizlsYXlrrYs6IK654KOLOihqOekuizkurrnp7As5YGc5belIiwidl9kaXNoX3RsYWJlbHMiOiLmsb3ovaYs5YGc5LqnLOW3peWOgizmnKznlLAs5YWo55CD5pm254mH6I2SLOaXpeacrCzpg6jliIYiLCJsb2dpZCI6IjRiNDU2NWJhLTllYWEtNDVhZi1iOWY2LWMzYTAxODkzMDczZSIsImFwaV9ob3N0IjoibXkucG9waW4uY2MiLCJkb21haW4iOiJ3d3cub3JpZW50YWxkYWlseS5jb20ubXkiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1046ms
259ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&uid=&type=pc_channel_pv&nid=pc&media=orientaldaily.on.cc_2&r5=ca_%E5%9B%BD%E9%99%85|ch_word_pc&t=1620036523766&tz=my
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Tue, 10 Sep 2019 08:21:36 GMT
Server: nginx
ETag: "5d775d10-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1065ms
263ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3b3JkX3BjIiwiZXhwZWN0ZWRfYWQiOjIsInJlbmRlcmVkX2FkIjoiIiwiYXBpX2hvc3QiOiJteS5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjXzIiLCJ1cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJsb2dpZCI6IjRiNDU2NWJhLTllYWEtNDVhZi1iOWY2LWMzYTAxODkzMDczZSIsInVpZCI6IjdmZWE5MGFiYzY0MzExY2Q4NjcxNjIwMDI5MzIyNDE2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZTA3MDc0ODQtYTAwZC00NjczLTlkZmItNWQyYjYwNTE2ZDhmIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuOAkOWFqOeQg+aZtueJh+iNkuOAkeacrOeUsOaxvei9puaXpeacrDPluqflt6XljoLjgIA15pyI6YOo5YiG5YGc5LqnwqAiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5vcmllbnRhbGRhaWx5LmNvbS5teS9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm9yaWVudGFsZGFpbHkuY29tLm15IiwidGRfcGF0aCI6Ii9uZXdzL2ludGVybmF0aW9uYWwvMjAyMS8wNC8yOS80MDgyMjEiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZTA3MDc0ODQtYTAwZC00NjczLTlkZmItNWQyYjYwNTE2ZDhmIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuWbvemZhSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1620036523766
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Thu, 13 Dec 2018 07:24:27 GMT
Server: nginx/1.13.5
ETag: "5c12092b-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK log.gif
r.popin.cc/ 35 B
264 B 1056ms
260ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=7fea90abc64311cd8671620029322416&url=https%3A%2F%2Fwww.orientaldaily.com.my%2Fnews%2Finternational%2F2021%2F04%2F29%2F408221&t=1620036523767
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:44 GMT
Last-Modified: Tue, 10 Sep 2019 08:21:36 GMT
Server: nginx
ETag: "5d775d10-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 4A38 52 KB
52 KB 50ms
15ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58928600088045800710584011583016&a=59a47c83
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 4A38 0
150 B 34ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=58928600088045800710584011583016&a=c5096c7b&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58928600088045800710584011583016&a=59a47c83
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900016.redintelligence.net/request_content.php?s=58928600088045800710584011583016&a=59a47c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:08:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 4A38 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E7E 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEEZTq8uPYPrxCJO03gPD-IOgAgAAAAA4AeAEAg&bg=!t7SltPDNAAZLnZBaS507ACkAdvg8Wo_EJfFMUVDnu9jFnuLT6kGaGv74-5K823dIz1Ur1qSxuXoSbgIAAAE5UgAAAB5oAQeZAqKNbm0U568HH9rjI6Y_xoiHFnFhG5dbQPnGLbmN-F09hotMqWERfsqDlz_AH4-wpQhpCju1pLLxKUFmLh8yf_JvVJrr3hUWvndVhEdnk-9ENADr22N4sVLlaqeCU_DsPy9VAuAQxWBztQK9fE2vpRZ9Cp0NFYkwLnxrpyekXXiXPI73wK-qhA-hdWAHqIJPPPTkHLq3MlFvnayNKz5rmUkZ2kcg-YvafqhQfJm5imHt2FjbH4h6CYUeuES4aYCBDheyJXH9J7mlgjwos-UIPe9OdVhm3qyBnRjJHLf9uE-de1EqCdKWQLalf8wnSZuQhMAW5BlEN-qr2GBBjKzGgYncDrFUWl0LxsFxMbi1uoYsoj51jjNYWsfYvQBFm1BWRW8Uy_Z2cA6lTC_HpkiZf0-sUTrukEjLQ7A2rpyFoVgkuVMgVVfh1IWz_UR2EVSAcc00Xtl74kkBkypJ8Doqm7-1EOAI7M5BVs-vxg7ZGNs1vaADV0u9h3l28oDA_wl4t9pYaBMnvuJ_fI2Yv-dQgUOIP4wDRrAfCStcDY0G6LztH7nXTH4Xs1I4O3CucW-y7jDAj1RmFo7TxS2VQiJrPG2T7l636p_8WZ1A0rWYHEjic0Dgz28SGtq_OJED6PLDE7D9a9rjY2pyn36C1nGYd-G7nQA4S9sYX1eBV8YsHK7-tV4_xFIegumPoZXini7meN1dMGsjL-w76McMvoI85-uwfYhunLmKkLpjeZDSEBkWqyGnvYUuKRIFBY0yPLYgzikw2_JWkKeNLm0YN3B_f2CkPfVZncLLYTdmQ6oZOM6j0e9jkpX9U3u2pJClqKFxrNTDLEc-SEF5HcQYMVEN3l6ogjdeUJscGXXUZPwiJuCEWjzopFTE_1B3PYALjICMvugk5g

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B249 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGsaXq8uPYM_0Bv7W7_UPm5OhmAwAAAAAOAHgBAI&bg=!mpmlmd3NAAZLnZBaS507ACkAdvg8Wra09qkBKvin4yHNgYBILBllzIuQkrCBsdYKjJ-P9Rlnum0gpAIAAAEvUgAAABFoAQcKABY45V9AuOoPZO1wXIAwj7QFvqzmJrYlmQKWU1cfvJockYcgLA9JRqBXuz7gZTT9HQ3PJUBx8ETipN-8mh0Wrci_bxmmeoNjLMhbnxihnKBEBGifJ_rivvOOxekgWrupxYJLQJZQRRC61vijPLa7PM0sFP3NPOim1ekOK61RCSqBfOK5M_IX5V67VDNkwZT0q6UGYdeNtG458yshPFnJBYmRFhBUxwn9_sEPNuxlo1gInnz9WqiK7zn6BkMx3fLrcslRPyCvhMf7rpeLBMmiFSwKq6ia-J9Hn2IW7JhvFlzGZxbKcHg2a4705z3SeB3kc7mDcg-6TCXAMmqLGx_yJkmW-QL-NMAFa6UsFEiS7XHU_cXqjnYA8WlR6HJoizECvj9oQvk1HMoPCUROUzvUO2J3g0fPYxYGxDJ7qLXhIrigsIwh8m9Q8aGxibRzgY2gXRWTaUTq4l1UAzArn9A6PQir6zb4dwmIZmurYPA4nBoH-q4X2Z_nCWM6TQKmRvGyNvNU3AVzcOaSSctWMAfakQGZ18_IxEgU8XZds1A-qfWaoBoWXK8siODkvim0APQ4T6bizT_FwG5Sd_24PBQQbuvab_v37qJaOIyiB-sDtVXQsdhW1mVF96VFNGJwWAdjruUKV6il8i1_gEcYDWzNWsQ-m5KBA3LPfSw0MvJQUEo1u_PXyNRJjUqdF7weDoocRSxamai4-LmxA6KUizoNj0wA3UGFmZkKtrLGqdgK-A0RMm7Dz-lZki_lkUiL5zhIvQYdWsxHjBpDqDo_Ftj5J162MRpXJBNsjBpg9MXNlADZWsjcSXiW5q_0ea6JqEWw3FoMBZYIke6zf5i3i4E-Ldeccy8Z-BncqdVg5a-7CjQUschTg0FXi-H1U1nZ2am4rP3gODH1kpm4OQrmC7YQWyA

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B512 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiQOh6gqbWCG0i8dPGrUrjVwnrr7c0cjnVQ9hQzroUGEZ8ES_ZQMcPoGkBhh86FwYlv6MMz3K6AQWeEz83RY4Yvns9U4J9iAq7fDb0YBA3Sru1uIzBCdmtAAWRQQ&sai=AMfl-YRCxmgksOSxDVEjTcovzLHGgzHNEVC_67j_tjALlCHpsh3R-9a27eD_Ic8GP0eOb6dnPMtjYbm53Fy3FxUm5L9TH0268eJfJ8HG1RT_GoMGrQAYfAxcIWnoEYXoK0D-&sig=Cg0ArKJSzIbO7XlsJCaAEAE&cid=CAASPeRocLaLFvcADSh2wcWm54ZZuZg82sxLKcul0ZZ7uvNoRueWW8ICYAtJauf0WTsYQX7Ez8e44g_9KB-ZY9I&id=ampim&o=1030,159&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=252&tls=1252&g=100&h=100&tt=1253&r=v&avms=ampa&adk=3629341576

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/news/international/2021/04/29/408221

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B8E 42 B
64 B 53ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTtlDef-HHNvaTgolfWalN9dF6fKXVfwM70rDNdtysBFg8FpM8Z-dKbqOtt5_vq3JpBL23CbslIq3x9H1jwOoy3a3R6swhVB_Xeu3eips&sig=Cg0ArKJSzA7JoGpgpVLZEAE&id=lidar2&mcvt=1003&p=804,1030,962,1330&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=7&adk=3881334754&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620036522981&dlt=23&rpt=356&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACB2 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIPoQPHK8z9DYqPY8n_FPwy5C2RT6tdei59bsG8MErr1qWCWT3Vlro-99PHTg-IkfIT7g9Nwfaj9WoIPDc735hNxX9TJnFxi5ZYLsGArp-lx0i506s1FeJvpI6AQ&sai=AMfl-YQThU6fQyMRUQzB1E1XrNMtRwlNqGhZStN0pbY6hUZdygCiqqpWfBSk4umvUbHhfGQbqvWPZ6tSzAcAVtEYLRQJWRFnwwuvhRBMgPoHQx4jEE-BhwnqR-tqh7ApAypF&sig=Cg0ArKJSzJcw0DaxKmuCEAE&cid=CAASPeRoJrSkorO8sEHW0QMywY2aqk_DfRNTMu7GtZe4uwUy6NgTvpJSP565LuTbv7uL7bkOSHXqFGzoPaOvxzU&id=lidar2&mcvt=1007&p=759,246,849,974&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3652709448&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620036522932&dlt=51&rpt=520&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58787e13ef24d43d31a80c20e61930d6a0bdb92ffab3f11f165831ac20587f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 10:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7584
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 10:08:44 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5799 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.orientaldaily.com.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.orientaldaily.com.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 03 May 2021 10:00:58 GMT
expires: Tue, 03 May 2022 10:00:58 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5799 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2483
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 09:27:21 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042901&jk=4042368252370408&bg=!OjmlOX3NAAZLnZBaS507ACkAdvg8WjHa7Zt2xYIrR3qi-gKOPeBUOfkFEbI-pjvVVvFfDwZCCmbLDAIAAABfUgAAAA9oAQcKANkHWL6DGc0Jwnuf7MdFl3X7ddUtlckoaAGLrqcxJBZh1VhGcpxBdd8ANLrET_ieAH71Z44SwoFNj8XK1yu_YsXkoN_tqN8Iyd1Z-_eYxulSUSbe4oKqwvjCF909_MNc3d5ZfWiSD-TzysL7olzzf7cfDx56mWlnqTROoKSiIAiwgSFi95JaKM89jjHt0OCQvZ0ijUofRjytvv078BtR7KsJ6AQ23QRd7YrAKbpr93o4LNIaUzmk4fu2FKr-ihqegj7mLIKzrarEHrHySJkMIa_mFkZ13RYGqIlimQJF3nVuEf5ZqZ0ZG6hxCuKNnxuR_cvkdpDyh724npHuTsU-SDT7cmMEkz3xwmr3yggH6yN8V0b3IWcsa0ysjYqkV02ywlPY_W_H56ZrQOYVciTC9lTMmRvAlcCA2OS_N7IaL9rxexkGoKwRfmj9wxGkexkYPS0fx6aWbVIamJzMzK3du_3wI_RxIFe3MTJDgIapLKP7zEW8RyOs0qxCbgjaMzhEyPWWPyZoOwVP4JbSdV3C0PEL1yYIfp4ys8rXm8Co1BZZmphWzE4dLa0miOzEaz7LyEOv_WAX1mm4sZ07pILF0yOLH7YnGBZtXrzrKuf4VL7_qdClnyKl39wZNj-otFmybzcjfDwrI9FTa8tr2CfXbPckXwaqaDlblT9GbD02cN0zqxWomSezZSX_djoiX7YLZy1U1VkbZewWDFgTvTFEQQ53HUmoXyZ9Byuh_g4yLE7A-MFZ1KUK7S1I8b49rN4twnmfRksiMbIpqeuqU6jwkOW28MFecEAalVkk3vG01VarvURDlz2tYGnJHg_xsWHvE0FkLcB0n7uOk4MMtAzwo6E1xu4in9DdtZaquwoEJpXcfV1RRDcB6kKS-nrFbUW0Zbihq8OY4Dk_pVsMXCyVd9qdNlW0vI3VzF3hb5vg0u2RGWWqLF4Dp0nKzQ1WhNpnlY6HkpJgM7v4b6uaWAY74U4C8qFyCe7dRygnR6aJ7oOt4jBoHXfqqLGkhfxdFIVQnn0DnGWVmEiwEYW9pA6g9n7kcFNAEttAEJmA4z5t7dHkGYc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIj_buq6Kt8AIVfuu7CB2bSQjDEAAYACDdqbBHQhMI7duvq6Kt8AIVpoaDBx1cEQDk;met=1;&timestamp=1620036533588;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame ACB2 42 B
498 B 65ms
40ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj_buq6Kt8AIVfuu7CB2bSQjDEAAYACDdqbBHQhMI7duvq6Kt8AIVpoaDBx1cEQDk;met=1;&timestamp=1620036533588;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:08:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:10:12	Name: 8lcfmzhxc8d6_uid Value: 59878c3509451d62
.doubleclick.net/	1970-01-19 18:00:40	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:22:12	Name: IDE Value: AHWqTUngZsYw73gIBeNk_4TyTckbsPJvNfE5YUqSvplL8O_IZn8sF8eVnJOT-sgaesw
.orientaldaily.com.my/	1970-01-20 03:22:12	Name: __gads Value: ID=dd170827621696f7-2226c02cfcc7005f:T=1620036522:S=ALNI_MZSCpHD_lmQt4Yk0XnyRLb6k5G9Nw
.orientaldaily.com.my/	1970-01-19 20:10:12	Name: _fbp Value: fb.2.1620036522475.1159903381
www.orientaldaily.com.my/	1970-01-20 03:30:50	Name: __atuvc Value: 1%7C18
www.orientaldaily.com.my/	1970-01-19 18:10:41	Name: adAsiaUserIp Value: 193.176.86.100
www.orientaldaily.com.my/	1970-01-19 18:00:38	Name: __atuvs Value: 608fcbaa615e0e68000
.orientaldaily.com.my/	1970-01-19 18:00:36	Name: _gat_UA-21383972-1 Value: 1
.orientaldaily.com.my/	1970-01-20 11:31:48	Name: _td Value: e0707484-a00d-4673-9dfb-5d2b60516d8f
.orientaldaily.com.my/	1970-01-20 02:46:12	Name: _ss_pp_id Value: 7fea90abc64311cd8671620029322416
.orientaldaily.com.my/	1970-01-19 18:02:02	Name: _gid Value: GA1.3.167127260.1620036522
.orientaldaily.com.my/	1970-01-20 11:31:48	Name: _ga Value: GA1.3.1620095717.1620036522

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js(Line 29) Message: -- ATM info -- Performance check: 304.07421875 ms
console-api	log	URL: https://www.orientaldaily.com.my/assets/js/app.js?id=cfff1b8be9d0b7a067ce(Line 1) Message: REQ https://www.orientaldaily.com.my/news/nation/2021/04/28/408110
console-api	log	URL: https://www.orientaldaily.com.my/assets/js/app.js?id=cfff1b8be9d0b7a067ce(Line 1) Message: REQ https://www.orientaldaily.com.my/news/nation/2021/04/28/408110
console-api	log	URL: https://www.orientaldaily.com.my/assets/js/app.js?id=cfff1b8be9d0b7a067ce(Line 1) Message: REQ https://www.orientaldaily.com.my/news/nation/2021/04/28/408110
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.orientaldaily.com.my/news/international/2021/04/29/408221
console-api	log	(Line 3) Message: not found #AdAsia_DPS_odn3-story-mrec1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5500c365ad9412a0680f8f8d1245d635.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
adunit.datawrkz.com
ajax.googleapis.com
api-public.addthis.com
api.ipify.org
api.popin.cc
cdn.ampproject.org
cdn.contentspread.net
cdn.izooto.com
ced.sascdn.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
media5.orientaldaily.com.my
my.popin.cc
pagead2.googlesyndication.com
r.popin.cc
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
us-u.openx.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.orientaldaily.com.my
z.moatads.com
119.63.198.143
119.63.198.172
119.63.198.188
119.63.198.189
124.217.235.42
13.224.106.70
138.201.220.30
138.201.63.165
142.250.185.98
142.250.186.162
142.250.186.34
172.217.18.98
184.30.20.241
184.30.21.162
185.33.221.87
192.229.233.139
2.21.242.228
23.79.150.67
2606:4700::6812:d841
2a00:1450:4001:801::2002
2a00:1450:4001:802::2006
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2010
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c02::9d
2a02:26f0:7100::1720:eeb8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.229.28.141
34.98.64.218
54.225.157.230
85.114.131.235
89.187.169.15
99.86.2.119
0344bd4ae65a01aff8febf8ee046d804fbb54091bd3151f0a71dd0843488c5a7
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
067a3bdb8a1f4c31676234c3ab664a69585d9e54bb5047dc7c681087e9a0c03b
09013f19c87a2786ab7fe942528f56550f27f53380f417cb840f3a7f4e6d6f10
09aa83c064af132a1fc52fac765671a6ab87ab12c4a7d6577f85c0f391541967
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96fd03a43954fce7e1a2811554de4ef572be9ae3857bdc16bf39dbfb08004f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cc49ec597107c5bceb543692d771af6c1eb1af0a373e1044b94bb5261df9a12
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e660daaf0521696bf961cd95369409a2612d032b6b7c7f5c4b80ca502bebf1
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1dc448e826cb995cf5b7cb56bb634043076e73ec1ddc3f23e69dc986f5a95fcd
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
2278c8b0860b6749d4e5729bffafbbbc383939ff04c60100bb9878d4d990b5eb
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2b8192e34564628ef7affc86ea2366e33ecef09a7b018816dd7834bb58f6f4e2
2c88d845b367e443779f79a0e4d91f60957bcf26ce6f0c71b22d668cc8ee52ef
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e192513c59dd6979ea130dccd8d92c279e91b96027e58d6ed9b32624326626d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
32c7405fa794a21e2ae320d9c266874bdf0023e9eada97c5830921a615a3e437
32dfc505c7c5621d0e04b4950e7b82bacf3c936944f07f1bbfd96904553c166a
3507f4575f5985393867eaadc7d441763b5e41491153f0d9fa55e1c493aab4da
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
413cd581ccec1beb6d530b5f73d5e8becd268f818080106714fc1dca2634dce6
434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f032aa3c709a45314d8120f8fb9aea09a3b073ce89ece98a63a9f3f25eb78b
453d30e6feab35156983d8f88c293ebcc88740572e4aca5ef9cb25d5ca7f3262
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4785f439c8c88370dbc1999303d5f4f0a310d1997a5893ae94798b568e99675b
47be6f942284b870eef8c85306d752eaedc9da6007dae9b9992d83732f020d38
4aad79d11d173d978abb0f3443d713df05afee2b4b11302d4c248a598c6939bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507f72c7f7c2b51b84cb031054bfc6c9ad5a7b3aab7cd06cd8642ae7d6ad6645
50b09ad439ff485aba8b9d97edfa65dbbd75adfdb69912aca7337c824a78bf96
52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56dbe47b7d70f669fe5ad76a4c6d923196f462d0b3fbe34f1b3f4a08897c14a9
57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9
58787e13ef24d43d31a80c20e61930d6a0bdb92ffab3f11f165831ac20587f02
5e51705eef4fd6c25448de6f68426684465318f94e90e1c35cec76e78b8b4144
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6136c5d4c2b4254689208e8d07fd300b6b66e57eec737b54e0470bb1805c562e
62fa2966ebd97eebcb62216619377bb0c7651c795a35ad9ea504e5d49283a932
631cc9501cbf5fec658b6dcd2880928472002eeec028e12d0fa6e37a97de2c05
648aa010a8f608e98b98b4326b867ae3657ebea1bfb8a1c47224da9a1436d180
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6711a28bc6f36eec53ae7ebc12fb3a488a90f104d57dab94fd2e34aa7ce9bf47
6746540ef497b296c43699fb9bb060bfa6425f0bbf1ebfb866cfd1cdbd13cd09
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621
6c2c89f65ed10a2be37e336f342daf5c160656bdfb1c365d3106d204a13fe2f1
6c7b84cc82a8e0004a25b7dacc3d874dc75de3b5d0231c2c2845d075cfb6fa07
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
724366bf0c290f4827cf17e6236679ff198d56893c5c847d2d038bdbff0bd43b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
740f68600f208e86496c7228f2ba79c11fa8f7873f4f1a0bd547dfe6de8e149e
74e43cd9bd0b60b458bb8aa6916e7dcfe18fffb1136a859b515fb9a74230aeec
79e679273ccb9274570af9420603e1c4e23df95b0d88a3fb4bf846cbe6d082e1
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7d519e99a13e9c33794dc42528180d7fd14f71b8cfd7e1238fc092b39819bd31
81913cfdb14939878aae06cb4393ae652e0225f1f6e99e69db52be824665701c
822a038f5c6e1bb2ec5794383d4a672d4a96824036f7b96e6b6bced757282b00
82c5718c38637180ee2b3010c2f908eb4055eda5c5f2749ce9773e732f1bad2e
82dfe7b5086b42f0ecc780ca27f6e469ccbddbef6e512957330fc9f4f950bd9f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
89ab7fef8db8c76ab90101108ec9b28f62b23187df034087a15dac94ae2c5839
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
90ec4e6600f62db196a24bb5eb6ff4eafca82084c9f3b95520cbce94e9f36224
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
9625617d06d9b78c71f4225907f1e4e955cbaf116be755e2069cb34376c7b87c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a6c10d407e47b490dc9421ba6c1391cc5007a9f61ffd0c395ad318e893d2e0d
9cc2ac74d04cbeb4ff79406214a678fb052c5d29b8dccab1d41a5a6c8dbdb15b
9e310120d045ba13f53592619927c955432fb0bb3d8ebe7a4ee007a5e5da625c
9fe253b706e08315dc6e62f1b59d9ee4190e92360bb968e283f593fb6c21c309
a07132c63f32901121bd4b72134ab4f12b5bb4074dac39927f72a01456122e78
a084ad5b6374eb1f1d876486d3c0a0a3b05e9aa2ca4a11b5e442acd302895fd4
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa2e6b46f0c311645b835706dddf4acbfdad41baedcceae50b5b1eb214ea3116
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad17a7fff176ab184a85e8824ed0da90cf71ea85bc251e647afa228dd36bf107
b06784cdea0c7423216bf925040427a83bba1f102b5c4e51d10015dd196ccbd4
b10625de0d6b039fd7f29e0a78695202dd3b0077b40b1a369a42a76fe972e55b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22cbc93292eb507de8802152fe20f79c96c7927cc8cf838912c4b18134a3f9e
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
b449c35feb6ec8d321af1ea832e7ae20cc2df9eda67664886c3de5de68997fda
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
babe0c548b8e5ec81b26ddb738b4429e82fe3f5dd89fbcbf5440c2dd609a246a
bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf
c60f553404df6f096cf302da643b80df46faa8517c7768065ef7031d2f3f37af
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c810ad2bf811cede73200ab62010f9c4bd1ed716b95f5eec3e0dd48934ef8fa9
cfdca3831bee52368f7306ef29ddc2b33943de457613b9a8dba4a43ac5a4fc38
d28efc9b96bd94f730b32056b45f729cf9389191ca7e47feb80587a6700fbc6c
d4939f13d80713dd95b6f041adf16f9e5bd0315434a5e38c88af0a47a3d2e9e7
d589802031066158affccb1d8c6070ac6cad98b7723290f6eb9b8d23bcb6713f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dc41fb7670446239d732df8bcf82b5f45bd8ee69e4d9f3b837136c1715724ac3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42577eafc4f5a8c723ee60de3666678c01ebbcc4ae89aa6191f5a1dddd7a85d
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e6ad7225b3dbcf7caf7520474d6e491c46c845d289032a75bd1c971b84f29d27
e8658ef8a0aa1f5030f821aeac3b040230224c767824b2b413511c6404533ce7
e942b29454175d0d1586a54c8c6aea225fdacc869c6638461fa4e60388110382
ec2c01a3bbbd23323dd8df78253eae09052aadc6f631ad01266b3532d1a85129
ec87c560abae0dbc56a4b0aead069c4118f6a5aaf25e0690fc56cbf3d9431259
edb8936b32c88634b453eeda0880544b01e8a4e160f58597ec337cb6cb7ac446
edda46aeffb96bada6878c641dc24c040691389d702864d90bca15e55ebf4901
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
fc4ff302f60f50802e076be5127358905f9b2a842edceed9c1225c8a58fe7405
fea25505358a9fb0d38689edd69a01354319a992a2ade513af64420f1a54e231
fec9eb37c5edd3617758787a6e663a93d164d4b5b8bd8c39ef137bce586c3a0d

www.orientaldaily.com.my Open in urlscan Pro 124.217.235.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

175 Requests

99 %HTTPS

51 %IPv6

29 Domains

47 Subdomains

50 IPs

6 Countries

2664 kBTransfer

6052 kBSize

13 Cookies

16 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.orientaldaily.com.my Open in urlscan Pro
124.217.235.42 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

99 %
HTTPS

51 %
IPv6

29
Domains

47
Subdomains

50
IPs

6
Countries

2664 kB
Transfer

6052 kB
Size

13
Cookies

175 HTTP transactions
19 data transactions