hafizrahim.com Open in urlscan Pro
103.161.132.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hafizrahim.com/
Effective URL:
https://hafizrahim.com/
Submission: On November 20 via manual (November 20th 2023, 8:36:26 am UTC) from SG — Scanned from SG

Summary HTTP 230 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 36 domains to perform 230 HTTP transactions. The main IP is 103.161.132.8, located in Kuala Lumpur, Malaysia and belongs to GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY. The main domain is hafizrahim.com.
TLS certificate: Issued by R3 on November 12th 2023. Valid for: 3 months.

This is the only time hafizrahim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 80	103.161.132.8 103.161.132.8	132372 (GBNETWORK...) (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd.)
4	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c1a::61	15169 (GOOGLE) (GOOGLE)
21	2404:6800:400... 2404:6800:4003:c11::9c	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:de7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2400:52e0:150... 2400:52e0:1500::868:1	200325 (BUNNYCDN) (BUNNYCDN)
2	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
1 17	2404:6800:400... 2404:6800:4003:c1c::9c	15169 (GOOGLE) (GOOGLE)
2	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
6	2404:6800:400... 2404:6800:4003:c0f::8b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c05::9c	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c03::93	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
1 4	172.217.194.148 172.217.194.148	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::95	15169 (GOOGLE) (GOOGLE)
5 17	64.233.170.154 64.233.170.154	15169 (GOOGLE) (GOOGLE)
4 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:116:800e... 2620:116:800e:21:6c50:dbee:bef5:203d	16509 (AMAZON-02) (AMAZON-02)
1 1	35.247.47.28 35.247.47.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	124.146.153.170 124.146.153.170	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	124.146.153.152 124.146.153.152	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	3.113.105.142 3.113.105.142	16509 (AMAZON-02) (AMAZON-02)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	18.141.109.184 18.141.109.184	16509 (AMAZON-02) (AMAZON-02)
5 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	13.224.250.125 13.224.250.125	16509 (AMAZON-02) (AMAZON-02)
6	142.251.43.3 142.251.43.3	15169 (GOOGLE) (GOOGLE)
1	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
1	13.251.19.153 13.251.19.153	16509 (AMAZON-02) (AMAZON-02)
1 1	2404:6800:400... 2404:6800:4003:c00::66	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:8::7	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1 1	23.59.80.144 23.59.80.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.25.145.156 52.25.145.156	16509 (AMAZON-02) (AMAZON-02)
2	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
1	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
230	40

80 103.161.132.8 (Kuala Lumpur, Malaysia) 1 redirects

ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY)
PTR: neutron.gbnetwork.my

hafizrahim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c00::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1a::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4003:c11::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:de7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gbnetwork.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2400:52e0:1500::868:1 (Singapore)

ASN200325 (BUNNYCDN, SI)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00c:300:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4003:c1c::9c (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c0f::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::93 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c04::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::95 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 64.233.170.154 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.21 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.247.47.28 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.170 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.152 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.113.105.142 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-105-142.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.141.109.184 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-109-184.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-125.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.43.3 (United States)

ASN15169 (GOOGLE, US)
PTR: tsa03s08-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.19.153 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-19-153.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::66 (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:8::7 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

r2---sn-npoe7nlz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.80.144 (Singapore, Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-80-144.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.25.145.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-145-156.us-west-2.compute.amazonaws.com

sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	hafizrahim.com 1 redirects hafizrahim.com	729 KB
42	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	277 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com — Cisco Umbrella Rank: 301	400 KB
17	sumome.com load.sumome.com — Cisco Umbrella Rank: 53708 sumome.com — Cisco Umbrella Rank: 53300	436 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	82 KB
7	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1148	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
6	demand.supply live.demand.supply — Cisco Umbrella Rank: 53681	32 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	138 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r2---sn-npoe7nlz.c.2mdn.net — Cisco Umbrella Rank: 439612	4 MB
4	google.com www.google.com — Cisco Umbrella Rank: 2	1016 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	177 KB
4	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12815 sc.tynt.com — Cisco Umbrella Rank: 15460 ic.tynt.com — Cisco Umbrella Rank: 5525 de.tynt.com — Cisco Umbrella Rank: 1605	21 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	220 KB
2	ad-m.asia 1 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12320	867 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	adtdp.com 2 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 32981	1 KB
2	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208 gdn.socdm.com — Cisco Umbrella Rank: 110562	2 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	1 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	33across.com cdn-tc.33across.com — Cisco Umbrella Rank: 25468	460 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 904	498 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875	507 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	689 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	762 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 13407	455 B
1	sumo.com load.sumo.com — Cisco Umbrella Rank: 15997	2 KB
1	gbnetwork.my www.gbnetwork.my	54 KB
230	36

	Domain	Requested by
80	hafizrahim.com	1 redirects hafizrahim.com
20	pagead2.googlesyndication.com	hafizrahim.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net hafizrahim.com
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
12	load.sumome.com	load.sumo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
7	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	csi.gstatic.com	imasdk.googleapis.com
6	ps.eyeota.net	4 redirects hafizrahim.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	live.demand.supply	hafizrahim.com live.demand.supply
5	sumome.com	load.sumome.com
5	match.adsrvr.org	5 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
4	www.google.com	hafizrahim.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	connect.facebook.net	hafizrahim.com connect.facebook.net
4	fonts.googleapis.com	hafizrahim.com googleads.g.doubleclick.net client
3	www.facebook.com	1 redirects hafizrahim.com connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	hafizrahim.com
2	ade.googlesyndication.com
2	sync-dsp.ad-m.asia	1 redirects
2	x.bidswitch.net	2 redirects
2	r2---sn-npoe7nlz.c.2mdn.net	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	dynalyst-sync.adtdp.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
1	googleads4.g.doubleclick.net
1	analytics.pangle-ads.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	tags.crwdcntrl.net	cdn-tc.33across.com
1	cdn-tc.33across.com	de.tynt.com
1	trace.mediago.io	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	gdn.socdm.com	hafizrahim.com
1	tg.socdm.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com.sg	hafizrahim.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	hafizrahim.com
1	sc.tynt.com	cdn.tynt.com
1	cdn.tynt.com	hafizrahim.com
1	load.sumo.com	hafizrahim.com
1	www.gbnetwork.my	hafizrahim.com
230	55

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
youtube.com
vt.tiktok.com
bukuvasi.com
www.tiffinbiru.com
www.miszrockers.com
www.hanimhashim.com
umminani.com
ninamirza.com
saidila.com
www.aisyaismail.com
sohoque.com
ohsempoi.com
news.hafizrahim.com
secure.gbnetwork.com

Subject Issuer	Validity	Valid
tomatolaici.com R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
gbnetwork.my E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
load.sumo.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
load.sumome.com R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.sumome.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh

This page contains 18 frames:

Primary Page: https://hafizrahim.com/
Frame ID: 7F19D37DA03AA45D3425E69AC204658C
Requests: 145 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 9D020E570C0D8D8385B430106AD2D108
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&adk=1812271804&adf=3025194257&lmt=1700469378&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378503&bpp=4&bdt=419&idt=392&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1825444603272&frm=20&pv=2&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=434
Frame ID: 07258B51A77EE4A0DCBAA6A3CA9C1412
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=280&slotname=1809803214&adk=2430090356&adf=2034072364&pi=t.ma~as.1809803214&w=1152&fwrn=4&fwrnh=100&lmt=1700469378&rafmt=1&format=1152x280&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378508&bpp=2&bdt=424&idt=460&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=537&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=467
Frame ID: F4ABDC11680200A47D89B615D20BB3B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=190&slotname=5994263952&adk=1394813288&adf=2842922880&pi=t.ma~as.5994263952&w=758&fwrn=4&lmt=1700469379&rafmt=11&format=758x190&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378511&bpp=1&bdt=428&idt=497&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=502
Frame ID: A25D72F051CCC9DCC881091AE310661B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=190&slotname=5994263952&adk=1394813288&adf=2785701644&pi=t.ma~as.5994263952&w=758&fwrn=4&lmt=1700469379&rafmt=11&format=758x190&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378512&bpp=1&bdt=428&idt=513&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=4326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=519
Frame ID: 6506818A822C6E5064D8341703B0E32F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=600&slotname=8672092010&adk=1383706990&adf=2795377350&pi=t.ma~as.8672092010&w=300&lmt=1700469379&format=300x600&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378513&bpp=1&bdt=429&idt=526&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=530
Frame ID: 8E15795753C28AAA8CFD8986E2048914
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=1148&slotname=3051332388&adk=4165257236&adf=4028191022&pi=t.ma~as.3051332388&w=334&cr_col=1&cr_row=13&fwrn=2&lmt=1700469379&rafmt=9&format=334x1148&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378514&bpp=1&bdt=430&idt=539&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190%2C300x600&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=543
Frame ID: D6B58103861DC20A9EB2827EC1DA7C01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiYSBD3keiZBBjm1JH-ATAB&v=APEucNUGUkeGQR47Tc7cKcOHlvAnGVDltidCENdPf8GDls3QdKbkoQCewOLa1jI53_cpkoQm_ccG_taqG7rpct8JrT_fU_AIyw
Frame ID: 41B372FFCAE8D17887B549F37940B45A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC869C19A46C34C9BBD9771D433901E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4AC1BA67D20D1411B5B99109644C709C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 49D3C073DBB7F278C4C0B8CC778E0DDD
Requests: 33 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 5D4CA52F7A55D39F196BF9DD999CBC1E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F87E2E4E07A7397652DE0A15A7E3221C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 255DBB408E1328E8A30087A80609283E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfd0a863269c38c%2526domain%253Dhafizrahim.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhafizrahim.com%25252Ff16112fd69aad08%2526relation%253Dparent.parent%26container_width%3D334%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fhafizrahimnetwork%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: B13E64821F07DB9ACF6A0C4AC543D955
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BE2DAF3AA822088D37435605086BBE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97A23F2578C5C7AAD0BF1704DBCB73EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hafiz Rahim - Malaysia Lifestyle Blogger

Page URL History Show full URLs

http://hafizrahim.com/ HTTP 301
https://hafizrahim.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

230
Requests

90 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

40
IPs

5
Countries

6895 kB
Transfer

12557 kB
Size

45
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hafizmdrahim
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/hafizmdrahim
Title: twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/hafizmdrahim
Title: instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/hafizmdrahim
Title: youtube

Search URL Search Domain Scan URL

URL: https://vt.tiktok.com/ZSekjxoWY
Title: tiktok

Search URL Search Domain Scan URL

URL: https://bukuvasi.com/buku-ustazah-asma-harun/
Title: Buku Ustazah Asma Harun

Search URL Search Domain Scan URL

URL: https://www.tiffinbiru.com/2023/11/resipi-roti-kismis-dan-kacang-pecan.html
Title: RESIPI ROTI KISMIS DAN KACANG PECAN

Search URL Search Domain Scan URL

URL: https://www.miszrockers.com/2023/11/richiamo-coffee-menyediakan-pelbagai-menu-menarik.html
Title: RICHIAMO COFFEE MENYEDIAKAN PELBAGAI MENU MENARIK BUKAN SEKADAR KOPI

Search URL Search Domain Scan URL

URL: https://www.hanimhashim.com/2023/11/moisturizer-terbaik-9-kelebihan-berikut-yang-anda-patut-tahu.html
Title: Moisturizer/Pelembap Muka Terbaik - 9 Kelebihan Berikut Yang Patut Anda Tahu!

Search URL Search Domain Scan URL

URL: https://umminani.com/2023/11/batu-karang-dalam-pundi-kencing/
Title: Batu Karang dalam pundi kencing

Search URL Search Domain Scan URL

URL: https://ninamirza.com/stamp-hasil-ketahui-cara-matikan-setem-online/
Title: STAMP HASIL | Ketahui cara matikan setem duti Online

Search URL Search Domain Scan URL

URL: https://saidila.com/cuba-makanan-pakistan/
Title: Cuba Makanan Pakistan

Search URL Search Domain Scan URL

URL: https://www.aisyaismail.com/2023/09/burung-di-kl-bird-park.html
Title: Burung: Jalan-jalan Tengok Burung di KL Bird Park

Search URL Search Domain Scan URL

URL: https://sohoque.com/doa-selepas-solat-fardhu-rumi-dan-arab/
Title: Doa Selepas Solat Fardhu Rumi Dan Arab

Search URL Search Domain Scan URL

URL: https://ohsempoi.com/peraduan-cuckoo-beli-cuckoo-menang-kondo/
Title: Peraduan CUCKOO – Beli CUCKOO Menang Kondo

Search URL Search Domain Scan URL

URL: https://news.hafizrahim.com/roti-gardenia-naik-harga-lagi/
Title: Roti Gardenia Naik Harga Lagi!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/KELABBLOGGERBA

Search URL Search Domain Scan URL

URL: https://secure.gbnetwork.com/aff.php?aff=87

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hafizrahim.com/ HTTP 301
https://hafizrahim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&C=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVsag6.uDLiZIGa.ngAShQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&google_hm=2

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHjgyn4_SkNFfKva0dnbtTY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjgyn4_SkNFfKva0dnbtTY%26google_cver%3D1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUyNjY2NjQ4NDczMjAxMA%3D%3D

Request Chain 151

https://um.simpli.fi/gp_match?google_gid=CAESEMP9LN8hVTqDtN0l2TcQxJQ&google_cver=1&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZQ7puQv9GDxyux69sxnBjy6B3BCQeI0shsfHG8mjgapMBREIQwR_Sgv2JsUGrMC4GuU5joBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FE9E968F7B7430D8DE6E5852A23DCD6&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZQ7puQv9GDxyux69sxnBjy6B3BCQeI0shsfHG8mjgapMBREIQwR_Sgv2JsUGrMC4GuU5joBQ

Request Chain 152

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDy8ceuck8-y7bXJIkwBWzo&google_cver=1&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-KIC0NmCyH9Q1GxeJfkh_MZpO816fNWsPI4VpipCz66TJbXuxPcKphX8Xuj2CZ6Q23Y4nR5xACTAQKI2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-KIC0NmCyH9Q1GxeJfkh_MZpO816fNWsPI4VpipCz66TJbXuxPcKphX8Xuj2CZ6Q23Y4nR5xACTAQKI2

Request Chain 153

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEA8bUvsbcbS2tUQEhhkSofk&google_cver=1&google_push=AXcoOmQY2WDo02XsVy60PcGxix4Z3OOyDtxoJimLxnzlXHR6YtbF7EXHDeGycXgo1tJhwlIYZ0xhRwta-8v9I9HDHObXylB12MNmb6S-qHPh3rnnEmCOTtFG5q_7OEvV2FK5UEXfAGqwrfVtJIAkoy7845gzCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlZzYWc4Q284WGNBQUhIalp5OEFBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDwVu3SGcOjJsJmtzYKE-Ko&google_cver=1

Request Chain 154

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=1&google_push=AXcoOmSzwI_1V6zR9b31DLmyaew-OR4e1hXebsOYOIG0XgprM-z7_kPl0XcY3tzJPCZ2fehtVpuFmOME1RzNNBdbsrUHkC36Pp_oZOy6j1P5kxNxuC9tlRxma_-ODXFr1md5f0XEUAjxaHRZRqS6utusjZt3tA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTEyNjM1YjEtOTY2Mi00ODY3LWE5OWYtNmI0ZGU3ZGMyMThj&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=1&google_push=AXcoOmSzwI_1V6zR9b31DLmyaew-OR4e1hXebsOYOIG0XgprM-z7_kPl0XcY3tzJPCZ2fehtVpuFmOME1RzNNBdbsrUHkC36Pp_oZOy6j1P5kxNxuC9tlRxma_-ODXFr1md5f0XEUAjxaHRZRqS6utusjZt3tA

Request Chain 155

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEEkLWWvy-cq7FnVUFpMEjYs&google_cver=1&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6SA6sFHQ7ulsteBuyFPpVTwbeIt88G3nm2LCGLz704ViWEcKk1X9byciBK-6HsWhs7_gVsMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkyODk&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6SA6sFHQ7ulsteBuyFPpVTwbeIt88G3nm2LCGLz704ViWEcKk1X9byciBK-6HsWhs7_gVsMg

Request Chain 156

https://trace.mediago.io/cs/google?google_gid=CAESEA731CkfkYYTmsHOG0OnBpo&google_cver=1&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1qeGsU_1RlNfLxFrHNBPM1R9XBVZPP1esX7yUDlT1jtrT6FLuo4NgqqyGWSWMCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1qeGsU_1RlNfLxFrHNBPM1R9XBVZPP1esX7yUDlT1jtrT6FLuo4NgqqyGWSWMCo&google_hm=1b7de7e8e7ea9cdd12g3ko00lp6nkb1q

Request Chain 166

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.1&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.1&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou

Request Chain 167

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.3&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.3&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou

Request Chain 181

https://gcdn.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B3C9C700875B431D711E5CBF7D8E9BB60131861C.2E305A3ED338DA8D8793AE78176FC1447BEF0B7C/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0562B45F0D521CBA00A7F50BC603E093443352E8.0F4F23B7BF7BAF2D6E092124710092C8DCBF8FBF/key/cms1/cms_redirect/yes/mh/di/mip/2001:df1:800:a004:1::8/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1700468935/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 182

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 183

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDFIHa7sZ4CWgIyDKA9phuc&google_cver=1&google_push=AXcoOmSJSVgA85upWBDf2pc3zLsLV0wBtZ7KxM0em5PNyozGlnMou_8VvK9cCte6m4bGfPqdtYGMp70-PqySggWV8pqHDSLLJidNe69xt_JYCiYqezErnZO7UdPPCnovOAv83Ggw37NIoXWm6KKgh2c6ravdnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmFkMTkzY2QtNWVhNy00NjdhLWI3ZWItMWI4ZDQxYTMxOTlh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a

Request Chain 184

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOdc9-9qAX6FS2a4meQAcho&google_cver=1&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOdc9-9qAX6FS2a4meQAcho&google_cver=1&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN&google_hm=UWXp_syzRA2739oUW5y2MQ==

Request Chain 185

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPfALLe_NRXu637RtweOUcA&google_cver=1&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr_WfK9GewIHJVpCbbobnTTW8D87SP5ktWOsok5Y_e70dArpdKMVklszF1-8Bl4TaGwL0OBcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkzMDI&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr_WfK9GewIHJVpCbbobnTTW8D87SP5ktWOsok5Y_e70dArpdKMVklszF1-8Bl4TaGwL0OBcw

Request Chain 187

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7mBr9xyBXvLGJ5xd0VBnJzBW9O92K7Y8Ku2KexfwhQMK4-ecI_u8JGExwFczWBn6tLbLLbDHVFEwyEpn6PkkyvGxoq2QT1Stg HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7mBr9xyBXvLGJ5xd0VBnJzBW9O92K7Y8Ku2KexfwhQMK4-ecI_u8JGExwFczWBn6tLbLLbDHVFEwyEpn6PkkyvGxoq2QT1Stg&uid-set=1

Request Chain 188

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMzXocdF0nznv_iNOQahJJI&google_cver=1&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q8DZZ3WhINk61EFteiq03JFxWvIkyLc1zGhHNn78lamo6PFwxhhoTlE--fT0GG56-0-mOIhuLuSiIPM6g7jJnedSY3GCE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q8DZZ3WhINk61EFteiq03JFxWvIkyLc1zGhHNn78lamo6PFwxhhoTlE--fT0GG56-0-mOIhuLuSiIPM6g7jJnedSY3GCE

Request Chain 194

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd0a863269c38c%26domain%3Dhafizrahim.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhafizrahim.com%252Ff16112fd69aad08%26relation%3Dparent.parent&container_width=334&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhafizrahimnetwork&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfd0a863269c38c%2526domain%253Dhafizrahim.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhafizrahim.com%25252Ff16112fd69aad08%2526relation%253Dparent.parent%26container_width%3D334%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fhafizrahimnetwork%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 205

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_pre=CPfC5oqW0oIDFQmJZgId5E0HUw;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 206

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGLGVyfwBIAEwAQ&v=APEucNWgEWyzfeVXAyI1bIoOthJNCcpt7dRi_-fb-THz1wcSNFexjXSWdt2Bm9ZbXlsjGd5RRHGnCY90T6vUGyqgKQ5zrEvBFNLqMVV1XqjQwQkA84Bzsns HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVsag6.uDLiZIGa.ngAShQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1CZkD6-oTY_Ad_KXdBm-Y&google_cver=1&google_hm=2

230 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hafizrahim.com/
Redirect Chain

http://hafizrahim.com/
https://hafizrahim.com/

143 KB
24 KB

85ms
42ms

Document
text/html

103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: b9ad775b7f6ae624f03e7ef2d9447af9b1fb108637945c19e664a49f5be9f8a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Nov 2023 08:36:17 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://hafizrahim.com/wp-json/>; rel="https://api.w.org/"
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Mon, 20 Nov 2023 08:36:17 GMT
location: https://hafizrahim.com/
server: LiteSpeed

GET
H2 200 blocks.style.build.css
hafizrahim.com/wp-content/plugins/embedpress/Gutenberg/dist/ 30 KB
5 KB 27ms
16ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1700008273
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: b461395fb8790df4a1668ee57e9ed40e73779a60b03b3c9f109abfc00ad916a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5104
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 style.min.css
hafizrahim.com/wp-content/plugins/ad-ace/assets/css/ 7 KB
2 KB 23ms
14ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1467
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 shoppable-images-front.min.css
hafizrahim.com/wp-content/plugins/ad-ace/assets/css/ 6 KB
1 KB 24ms
15ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1164
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 embedpress.css
hafizrahim.com/wp-content/plugins/embedpress/assets/css/ 38 KB
7 KB 27ms
18ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 09d11a0f05391a40f2f4d730c3f4da411f69d749da8f1fa0963d1b7beec60cdc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 6694
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 gallery.min.css
hafizrahim.com/wp-content/plugins/media-ace/includes/gallery/css/ 13 KB
2 KB 24ms
15ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/media-ace/includes/gallery/css/gallery.min.css?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 22 Jul 2021 07:17:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2160
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 page-takeover.css
hafizrahim.com/wp-content/plugins/page-takeover/css/ 7 KB
1 KB 28ms
19ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/page-takeover/css/page-takeover.css?ver=1.1.6
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 1d7cd98f9628efd7c08bbd85dc79f7cc659d2c8fde8829c37d061c9574400a39

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 04:02:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1036
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 29ms
11ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans&ver=6.4.1

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 08:36:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 twenty20.css
hafizrahim.com/wp-content/plugins/twenty20/assets/css/ 7 KB
1 KB 25ms
17ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/twenty20/assets/css/twenty20.css?ver=1.6.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0ed860fa118a699fdb451b9ea4c6fc38f7075c61de67c996c07ca04e086a55f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 24 Mar 2023 22:30:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1011
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 all-light.min.css
hafizrahim.com/wp-content/themes/bimber/css/9.2.3/styles/app/ 204 KB
30 KB 32ms
24ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/css/9.2.3/styles/app/all-light.min.css?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 89644846ac88606cd02587b056a70df72d695d28dc3e0e22899a3c69bc4543d1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:01 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 30836
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
659 B 29ms
12ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans%3A400%2C300%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&display=swap&ver=9.2.3

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d96159e5f31f887bf72186ae05a7eda7eeaa85a42696cb5bf7a7053509ef1914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 08:22:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 dynamic-style-1698734100.css
hafizrahim.com/wp-content/uploads/ 14 KB
2 KB 27ms
19ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/uploads/dynamic-style-1698734100.css
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: b76ab1ea6380e17886247e081619141eb105c51d6cd3abdc658e86048b5c2feb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Tue, 31 Oct 2023 06:35:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2384
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 style.css
hafizrahim.com/wp-content/plugins/aurora-heatmap/ 9 KB
2 KB 34ms
27ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/aurora-heatmap/style.css?ver=1.6.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: f741f7cf065fcc9052719f396b39cf6e5e73ae4f5b70e8d0ee9ab4be12aa654e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:37:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2035
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 sassy-social-share-public.css
hafizrahim.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
2 KB 38ms
30ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.56
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 16 Nov 2023 06:28:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2244
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 dashicons.min.css
hafizrahim.com/wp-includes/css/ 58 KB
34 KB 34ms
27ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/css/dashicons.min.css?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 18:46:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 35110
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 plyr.css
hafizrahim.com/wp-content/plugins/embedpress/assets/css/ 32 KB
5 KB 47ms
41ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/css/plyr.css?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4919
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 mashshare-light.min.css
hafizrahim.com/wp-content/themes/bimber/css/9.2.3/styles/app/ 8 KB
2 KB 49ms
43ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/css/9.2.3/styles/app/mashshare-light.min.css?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: ea06456472c513cb38d8f650d7e79d701db4b9f5612d74249ae67bc3f595205e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:01 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1647
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H2 200 jquery.min.js Show response
hafizrahim.com/wp-includes/js/jquery/ 86 KB
29 KB 39ms
32ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:34:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 29744
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
hafizrahim.com/wp-includes/js/jquery/ 13 KB
5 KB 45ms
39ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 07:45:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4678
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 slot-slideup.js Show response
hafizrahim.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
631 B 43ms
37ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace/assets/js/slot-slideup.js?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 598
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 shoppable-images-front.js Show response
hafizrahim.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/ 2 KB
628 B 50ms
45ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 595
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 coupons.js Show response
hafizrahim.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
581 B 48ms
43ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 548
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 advertisement.js Show response
hafizrahim.com/wp-content/plugins/ad-ace//includes/adblock-detector/ 114 B
154 B 47ms
42ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/ad-ace//includes/adblock-detector/advertisement.js?ver=1.3.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 7741a6ac75435b52202e93ffb3f2660ad40bc1a5b52886d2a04d899259eab005

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Fri, 23 Sep 2022 01:13:48 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 114
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 plyr.polyfilled.js Show response
hafizrahim.com/wp-content/plugins/embedpress/assets/js/ 117 KB
33 KB 50ms
45ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/js/plyr.polyfilled.js?ver=1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 57ff88bcf73a9a1211529bbab1275b88f0a645549b655fdcec74666feb1aaa3d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33458
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 modernizr-custom.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/modernizr/ 7 KB
3 KB 51ms
47ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2877
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 aurora-heatmap.min.js Show response
hafizrahim.com/wp-content/plugins/aurora-heatmap/js/ 101 KB
37 KB 51ms
48ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/aurora-heatmap/js/aurora-heatmap.min.js?ver=1.6.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 744f1c3ffac03de2b841aba36dbfe51a4f6a3d6ab47cb497bb81cd093ab1b8fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:37:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37865
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 99ms
39ms Script
application/javascript 2404:6800:4003:c1a::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3XF4Q7PP3G

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32b5dd9da58482f0066f80d7ad189ff3e20f4eb1b9c0de242e26f12e940616b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 g1-socials.woff
hafizrahim.com/wp-content/plugins/g1-socials/css/iconfont/fonts/ 9 KB
9 KB 52ms
48ms Font
font/woff 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/g1-socials/css/iconfont/fonts/g1-socials.woff
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c

Request headers

Referer: https://hafizrahim.com/
Origin: https://hafizrahim.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Tue, 13 Apr 2021 08:05:39 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8708
expires: Mon, 27 Nov 2023 08:36:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 94ms
34ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d5c84c2fc14f40ac8a5b55f625454b300ae5c013d67f621e7f0e92016112d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53073
x-xss-protection: 0
server: cafe
etag: 5682493807583802879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
50 KB 101ms
42ms Script
application/javascript 2404:6800:4003:c1a::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41420921-1

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

810192633ee89ab22466e2af663b0d02a3a37dd05c3fbad9175d2061a5bbc678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 514ms
462ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683b55a6a61d16ee40395cea5a26e8e95c030a2d66cc804ce72f6bc498ac1a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id: 01HFF6TK1QBBGBTRDC9VYAP0DK
date: Mon, 20 Nov 2023 08:36:18 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 667
cf-polished: origSize=4807
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"fcb908f6574508fc6908a80f47cdff66-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 828f5d4d6d2e40d4-SIN
link: <https://live.demand.supply/impl.v17.20.4.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/aGFmaXpyYWhpbS5jb20v>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 hafiz-rahim-text-logo.png
hafizrahim.com/wp-content/uploads/2019/09/ 6 KB
6 KB 49ms
46ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2019/09/hafiz-rahim-text-logo.png
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: cb580ab673973a6565101d297f46b401499c99c180020ebaa61462df41da8b24

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Wed, 17 Nov 2021 14:40:39 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 6226
expires: Mon, 27 Nov 2023 08:36:17 GMT

GET
H2 200 300x250.png
www.gbnetwork.my/images/promo/ 53 KB
54 KB 66ms
13ms Image
image/png 2606:4700:20::681a:de7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gbnetwork.my/images/promo/300x250.png
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:de7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a984b2ac29344e581cdc0597abcbb31087588feec1508f7a15c646cbb6a9c5e5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196185
cf-polished: origSize=54719, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 54626
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Jul 2021 15:55:01 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkZSOIUkS6t272I8xhGfxWCNJq7IoMO89n7tXBBQnTCh%2F101691pQ2JYdFPjL5VoDT0yG3B3KWjabvqAMiqVKzjyId4mHwCS1biRcFQTWyENuuLrEQukcG4pztsOTeDDBs8Bqbl3cP%2FtIBzIKAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 828f5d4d6d8d6bdb-SIN
expires: Sun, 17 Mar 2024 02:06:33 GMT

GET
H3 200 colorbox.css
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/ 6 KB
2 KB 13ms
13ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/colorbox.css?ver=1.4.33
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 85efaa77cf10441f55e363bfd472294f6a7e7b1b552ea0909bcf0d2af75163d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1509
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H3 200 styles.css
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/templates/list/ 1 KB
442 B 13ms
13ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/templates/list/styles.css?ver=4.23.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: a2552cfab09da1725d0cadf46862d82ac7e36bbc13a8240c3ee309546f193305

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 421
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H3 200 pagination.min.css
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/build/ 165 B
196 B 13ms
13ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/css/build/pagination.min.css?ver=4.23.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0c612ac6911cda964e552741c615fb346b99f88ae4f752bb2b8741a6223c5a52

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 165
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H3 200 screen-basic.min.css
hafizrahim.com/wp-content/plugins/g1-socials/css/ 8 KB
2 KB 25ms
25ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/g1-socials/css/screen-basic.min.css?ver=1.2.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Tue, 13 Apr 2021 08:05:39 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1709
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H3 200 snapcode.min.css
hafizrahim.com/wp-content/plugins/g1-socials/css/ 718 B
247 B 21ms
20ms Stylesheet
text/css 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/g1-socials/css/snapcode.min.css?ver=1.2.27
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Tue, 13 Apr 2021 08:05:39 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 226
expires: Wed, 20 Dec 2023 08:36:17 GMT

GET
H3 200 pdfobject.min.js Show response
hafizrahim.com/wp-content/plugins/embedpress/assets/js/ 13 KB
4 KB 28ms
13ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.9.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 3a3fcee601e829af094ce197af4a7e839296ac3a944dd8f6673997586c57a385

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4098
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 initplyr.js Show response
hafizrahim.com/wp-content/plugins/embedpress/assets/js/ 9 KB
3 KB 32ms
17ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/js/initplyr.js?ver=3.9.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: cbef33084dd0de133e8d0c2d2588eae77f386cb638f443b67640f18e23b0dae0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2584
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 front.js Show response
hafizrahim.com/wp-content/plugins/embedpress/assets/js/ 20 KB
4 KB 32ms
17ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/js/front.js?ver=3.9.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 8f13c7600f9f1d9e0f396719a3465c24fac9a908cd81cfa2abb2d286b6349c72

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4519
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 documents-viewer-script.js Show response
hafizrahim.com/wp-content/plugins/embedpress/assets/js/ 10 KB
2 KB 34ms
19ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/embedpress/assets/js/documents-viewer-script.js?ver=3.9.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c3dc83cc4fb3fc6535c5e5fb061fc5ea193f7ff61c5e8f539f76c68b42d80a40

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:31:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2326
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 lazysizes.min.js Show response
hafizrahim.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/ 7 KB
3 KB 38ms
23ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/lazysizes.min.js?ver=4.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 22 Jul 2021 07:17:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3221
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 ls.unveilhooks.min.js Show response
hafizrahim.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ 2 KB
713 B 38ms
23ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ls.unveilhooks.min.js?ver=5.2.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 80107f11f8fef70c5d2d2ff48293c1fddc0a7f904b00412d121d717bf454e14b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 22 Jul 2021 07:17:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 691
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 gallery.js Show response
hafizrahim.com/wp-content/plugins/media-ace/includes/gallery/js/ 12 KB
2 KB 39ms
24ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/media-ace/includes/gallery/js/gallery.js?ver=1.4.12
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 22 Jul 2021 07:17:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2372
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.twenty20.js Show response
hafizrahim.com/wp-content/plugins/twenty20/assets/js/ 2 KB
879 B 39ms
25ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/twenty20/assets/js/jquery.twenty20.js?ver=1.6.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c2886ec47bcf16bbad2b48028698188bffd56bf59fefeb3b82bfac8a2120afaf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 24 Mar 2023 22:30:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 834
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.event.move.js Show response
hafizrahim.com/wp-content/plugins/twenty20/assets/js/ 5 KB
2 KB 40ms
25ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/twenty20/assets/js/jquery.event.move.js?ver=1.6.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 512e43cff32041e14e69d9030c2eb73871e61aba905c1968eda47ae0cef9cb7b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 24 Mar 2023 22:30:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1867
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 stickyfill.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/stickyfill/ 6 KB
2 KB 40ms
26ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2088
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 placeholders.jquery.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
2 KB 42ms
27ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2181
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.timeago.js Show response
hafizrahim.com/wp-content/themes/bimber/js/jquery.timeago/ 7 KB
2 KB 42ms
28ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2249
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.timeago.en.js Show response
hafizrahim.com/wp-content/themes/bimber/js/jquery.timeago/locales/ 455 B
237 B 43ms
29ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.en.js
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 216
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 matchmedia.js Show response
hafizrahim.com/wp-content/themes/bimber/js/matchmedia/ 2 KB
636 B 44ms
30ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/matchmedia/matchmedia.js
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 614
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 matchmedia.addlistener.js Show response
hafizrahim.com/wp-content/themes/bimber/js/matchmedia/ 3 KB
906 B 44ms
31ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 884
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 picturefill.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/picturefill/ 8 KB
3 KB 45ms
32ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3007
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.waypoints.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
3 KB 45ms
32ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2540
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 enquire.min.js Show response
hafizrahim.com/wp-content/themes/bimber/js/enquire/ 2 KB
956 B 46ms
33ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 934
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 global.js Show response
hafizrahim.com/wp-content/themes/bimber/js/ 46 KB
10 KB 46ms
34ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/global.js?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: f6abddbe5d6b87ebdfc3ef94d51cb72b139804c2ad38ee3ed1aeb591012b5076

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10634
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 core.min.js Show response
hafizrahim.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 48ms
35ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Mon, 10 Apr 2023 01:49:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6801
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 menu.min.js Show response
hafizrahim.com/wp-includes/js/jquery/ui/ 10 KB
3 KB 49ms
36ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Mon, 10 Apr 2023 01:49:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2883
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
hafizrahim.com/wp-includes/js/dist/vendor/ 8 KB
2 KB 50ms
37ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Mon, 10 Apr 2023 01:49:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2320
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 regenerator-runtime.min.js Show response
hafizrahim.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 50ms
38ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:34:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2402
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 wp-polyfill.min.js Show response
hafizrahim.com/wp-includes/js/dist/vendor/ 112 KB
34 KB 51ms
38ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:34:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34605
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 dom-ready.min.js Show response
hafizrahim.com/wp-includes/js/dist/ 498 B
325 B 54ms
42ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 09:34:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 281
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 hooks.min.js Show response
hafizrahim.com/wp-includes/js/dist/ 5 KB
1 KB 54ms
43ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 07:45:40 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1486
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 i18n.min.js Show response
hafizrahim.com/wp-includes/js/dist/ 9 KB
4 KB 55ms
43ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 07:45:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3568
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 a11y.min.js Show response
hafizrahim.com/wp-includes/js/dist/ 2 KB
856 B 55ms
43ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 07:45:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 834
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 autocomplete.min.js Show response
hafizrahim.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 55ms
44ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Mon, 10 Apr 2023 01:49:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2677
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 ajax-search.js Show response
hafizrahim.com/wp-content/themes/bimber/js/ 2 KB
648 B 55ms
44ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/ajax-search.js?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 626
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 sassy-social-share-public.js Show response
hafizrahim.com/wp-content/plugins/sassy-social-share/public/js/ 122 KB
39 KB 55ms
44ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.56
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Thu, 16 Nov 2023 06:28:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39778
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 analyticsjs.js Show response
hafizrahim.com/wp-content/plugins/reduce-bounce-rate/js/ 2 KB
771 B 57ms
46ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/reduce-bounce-rate/js/analyticsjs.js?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 6afa1887c4a43dc98bc31212f61480320973a2d89b7defb0c6c5988797b9fc1e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2017 06:33:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 726
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 skin-mode.js Show response
hafizrahim.com/wp-content/themes/bimber/js/ 2 KB
467 B 57ms
46ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/skin-mode.js?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: d3d236c74facff33fc1302180e76dc2eaaccf3afb578e64af84d6043e285c695

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 445
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 jquery.colorbox-min.js Show response
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/ 11 KB
4 KB 57ms
46ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/jquery.colorbox-min.js?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 04267038608d360c78254e55ab98e75045067567996e7dc7f1501784718dabbe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4390
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 custom.js Show response
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/ 200 B
230 B 58ms
47ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/custom.js?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: e673f59c399d0bf47ab75353221bac529c23a56fd799563fb74f0d9c94e9b143

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 200
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 wpra-manifest.min.js Show response
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/build/ 806 B
438 B 58ms
47ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/build/wpra-manifest.min.js?ver=4.23.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0ecdd4dc20b4bd48f33d26dfdfa035df3e6ac30d6b1990cef64b1d8fdd187158

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 416
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 pagination.min.js Show response
hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/build/ 1 KB
583 B 58ms
48ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/plugins/wp-rss-aggregator/js/build/pagination.min.js?ver=4.23.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0b3e890ebf2b7b5cd1e630719222e33544edeff17c722a0d2c70a5a587dfb694

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 00:32:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 561
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
H3 200 back-to-top.js Show response
hafizrahim.com/wp-content/themes/bimber/js/ 1 KB
454 B 58ms
48ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/js/back-to-top.js?ver=9.2.3
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:41:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 432
expires: Tue, 19 Nov 2024 08:36:17 GMT

GET
BLOB 200
OK 609662c9-9df5-4cdc-b84a-6f2295936a20
https://hafizrahim.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hafizrahim.com/609662c9-9df5-4cdc-b84a-6f2295936a20
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
82 KB 68ms
10ms Script
application/javascript 2404:6800:4003:c1a::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZHFPQQ

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b41b46b185d0b140a5daaa26e9591411ee794c332e66d7905dfa45485af12d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83502
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 65ms
4ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 7a0bde1acd31ff832a492f3790d5128d22a1a988e0af81a429e74e2e6ad10e3c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: EAW966NG7S7AWK07
cdn-cachedat: 11/16/2023 00:10:37
cdn-pullzone: 1686293
x-amz-id-2: VZI4KArN4qovWslz2Yix4PGuVpqdfhOBlUKQwGMPQPlg9vl779dPj1lPy4rTIbzRJrESWF39cfY=
last-modified: Thu, 16 Nov 2023 00:06:34 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"932b89f108df60f6a47590d035bcff7e"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=600
cdn-requestid: 7a4a9a37836fd2733d0dfd8102b26eff
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ti.js Show response
cdn.tynt.com/ 54 KB
18 KB 90ms
30ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/ti.js
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09e7f97b4d28cbb8aecdd36823014cbeb127ce4973f3c17408519741ebf8932

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 127976
etag: W/"651ed192-d615"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 828f5d4e3ae93fca-SIN
expires: Thu, 23 Nov 2023 08:36:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 59ms
3ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 08:36:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: KaDGdj8iK01jXlt+SK0sTf7FU+I6w36qfeoRR8mnES2yfh3E3laI7xEl0z+3m5LGHTPb5eLayg0zuO8O2CPs8A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e4fd4a7e8c3d71dc45afe3817f4a837bb6cb4f3a0e2f56778ea17feb9a85c1e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 58ms
2ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans%3A400%2C300%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&display=swap&ver=9.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hafizrahim.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:10 GMT
x-content-type-options: nosniff
age: 312608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 17:46:10 GMT

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9b4f49fb6b76967da374f36b46574c8227e60a1f87a371e6299746856ff1c3e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 124c834c3652d89f509de3c9af695a662b16deeba4ee6f07e4689ea115e5f46f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d06b180361e164e48f2010723c8844c4d1914e9a91f76e4d0773b49ad836d07

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bimber.woff
hafizrahim.com/wp-content/themes/bimber/css/9.2.3/bunchy/fonts/ 11 KB
11 KB 25ms
13ms Font
font/woff 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-content/themes/bimber/css/9.2.3/bunchy/fonts/bimber.woff
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: cf8f10bd933e45c08c4528efb6b831bd3970e130763376577040e0fce3bdb39d

Request headers

Referer: https://hafizrahim.com/
Origin: https://hafizrahim.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Fri, 23 Sep 2022 00:41:01 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10904
expires: Mon, 27 Nov 2023 08:36:17 GMT

GET
H3 200 Logo-KBBA-transparent.png
hafizrahim.com/wp-content/uploads/2016/12/ 49 KB
49 KB 15ms
14ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2016/12/Logo-KBBA-transparent.png
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 455eaaa14bd2055b7e4b6b2e8d30afd2d9a6cc103609f1d0826c578e374e93f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:17 GMT
last-modified: Wed, 17 Nov 2021 14:42:25 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 49768
expires: Mon, 27 Nov 2023 08:36:17 GMT

GET
H2 200 69.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 114 KB
38 KB 27ms
8ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/69.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 33bc1e4cb0149bcd78b51946dd003707ffa7ecfce57fc898f60a2ca39538cfbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: EBDFBXTVAH02AC88
cdn-cachedat: 11/16/2023 00:08:36
cdn-pullzone: 1686293
x-amz-id-2: LmicycSV3vbDcGLko6jq8wCr9RTQt7T62jSwCE3xWJSj/wuMltRzlYOnRwg3e5LMg/e813Da5OQ=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3dae70388578c04a238027665e47b465"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: d95c95671016ede3659fecc042e08040
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 70.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 305 KB
106 KB 21ms
3ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/70.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 9e016bbbbe591db632165d4255231af7e360444d9a3663dbb3c4920221f752b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: EBD2CW7HK3QEC3W6
cdn-cachedat: 11/16/2023 00:08:36
cdn-pullzone: 1686293
x-amz-id-2: jzj3w5ik9Fjv/MaDpBq34ZpSVGK3AULp8uR+SbX70KJzIlYgBNq4CfYs2E7EMFyZvln7r/8lACo=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ce53ffc45beb6c36c13f83022b5dda94"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 88c6b63c98ba732e8aa999ed9b0bdff9
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dCP67qt5Or46auacwqm_6r.js Show response
sc.tynt.com/script/sc/ 92 B
460 B 37ms
20ms Script
text/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/dCP67qt5Or46auacwqm_6r.js

Requested by

Host: cdn.tynt.com
URL: https://cdn.tynt.com/ti.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

198359871a634334d08257078cf84793c289cbb9d8c64c2a4a08251f93f6aa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63733
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: f27f3faa-231f-41eb-adc7-eb762b9e7c5a
x-runtime: 0.002646
x-content-digest: 97723af4a1cc157f99d86836884286220d21209e
last-modified: Sat, 18 Nov 2023 15:06:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public, s-maxage=172800
cf-ray: 828f5d4f8c1a3fca-SIN
x-rack-cache: fresh
expires: Sun, 19 Nov 2023 21:31:05 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

801d5c66ec9b9f884f5e06dca6d23bec46962c393bc824b41b846c14ccedb2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 08:36:18 GMT
content-md5: d2SWaEa6XAP0Hnb5sGXx7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: 9+leFZb7RYMFpJ8HAT03sYHpHVQvmB/KsLFx83PBF+BEjnEe6s1OjnQ+AibFI/aUGP/zD95dUMskojfM+dZ7WA==
x-fb-content-md5: da96a5244e348bee5ccea4cf504ea82c
cross-origin-opener-policy: same-origin-allow-popups
etag: "af90be080176d76aa77e3968a7bfeb5c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:53:50 GMT

GET
H3 200 Jalan-Glow-In-The-Dark.jpeg
hafizrahim.com/wp-content/uploads/2023/11/ 20 KB
20 KB 18ms
16ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/11/Jalan-Glow-In-The-Dark.jpeg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 60503484012ef4223a65cba598a0b01fa62c2baf01a8468a186d497775c3f041

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Thu, 16 Nov 2023 02:33:28 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 20472
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 Topup-gas-tukar-minyak-aircond-vios.jpeg
hafizrahim.com/wp-content/uploads/2023/10/ 84 KB
84 KB 43ms
41ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/10/Topup-gas-tukar-minyak-aircond-vios.jpeg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 099e1a6073195722ce0df54d17a68361349d7c273846ea41cce981ad2a23afe8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Fri, 20 Oct 2023 12:24:27 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 85892
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 Taji-Move-5421-Bangi-1-500x281.jpg
hafizrahim.com/wp-content/uploads/2023/08/ 13 KB
13 KB 37ms
35ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/08/Taji-Move-5421-Bangi-1-500x281.jpg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 0680d788f9d9de42544f62b8401729768fded8167eccb3de650a45b89522d973

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Thu, 03 Aug 2023 03:00:16 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 13708
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 Vios-Tukar-Tayar-Terpakai-Continental-UltraContact-UC6-500x281.jpeg
hafizrahim.com/wp-content/uploads/2023/05/ 19 KB
19 KB 38ms
36ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/05/Vios-Tukar-Tayar-Terpakai-Continental-UltraContact-UC6-500x281.jpeg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 756336e4fe6f627cf53a0e94f892e8bdb49d3e8abe69f81b668dad2661607096

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Mon, 22 May 2023 12:26:05 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 19508
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 Pasang-Cermin-Depan-Vios.jpeg
hafizrahim.com/wp-content/uploads/2023/04/ 91 KB
91 KB 36ms
35ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/04/Pasang-Cermin-Depan-Vios.jpeg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: f88f6f2e66915f4e309f6d94ae53f62b0017b433efc10060f5b23c621ea46ae6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Tue, 18 Apr 2023 22:02:46 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 93024
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 ohtshirt-print-tshirt-murah-500x281.jpg
hafizrahim.com/wp-content/uploads/2023/04/ 24 KB
24 KB 22ms
20ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/04/ohtshirt-print-tshirt-murah-500x281.jpg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 8387cc64ba490dfb6c12e0acbbd7a4511502848e4866e88473b6e673aab92cef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Fri, 31 Mar 2023 22:24:05 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 24222
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H3 200 Homestay-Murah-Bangi-500x281.jpg
hafizrahim.com/wp-content/uploads/2023/03/ 14 KB
14 KB 31ms
30ms Image
image/webp 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hafizrahim.com/wp-content/uploads/2023/03/Homestay-Murah-Bangi-500x281.jpg
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: ca3db6575ce552baf740c2d5367e61a0a02b956d724e6ad500d01f82382b676a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
last-modified: Tue, 14 Mar 2023 11:49:51 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 14268
expires: Mon, 27 Nov 2023 08:36:18 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 43ms
36ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3af280f0990482b54513814ccd47932b572ac1b38795dee6d7d3f99cde229b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137253
x-xss-protection: 0
server: cafe
etag: 2331729761798527903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 9D02 9 KB
4 KB 20ms
4ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 50629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 18:32:29 GMT
etag: 16674218716276178799
expires: Sun, 03 Dec 2023 18:32:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 560540786038023 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 202ms
202ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/560540786038023?v=2.9.138&r=stable&domain=hafizrahim.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bd87f4434dcfb2850efaac493330ace60f5f30a114d5ed1300c534b3cacfb03

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 08:36:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uzegOnQ9V+cTxu+2EtX+JTocbzrCKdcEdTazucxs/4Q2C9fUq1/qTPPa+o2IfJQLGj6D3IWHcx6Q/jVrdvffKQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
hafizrahim.com/wp-includes/js/ 18 KB
5 KB 13ms
13ms Script
application/javascript 103.161.132.8
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://hafizrahim.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.161.132.8 Kuala Lumpur, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: neutron.gbnetwork.my
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
last-modified: Mon, 10 Apr 2023 01:49:04 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4651
expires: Tue, 19 Nov 2024 08:36:18 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 715ms
236ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=dCP67qt5Or46auacwqm_6r&lm=0&ts=1700469378648&dn=TI&iso=0&pu=https%3A%2F%2Fhafizrahim.com%2F&t=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&chmob=0
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 18ms
4ms Script
text/javascript 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41420921-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 07:13:46 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4952
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 20 Nov 2023 09:13:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005788863/ 3 KB
1 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005788863/?random=1700469378673&cv=11&fst=1700469378673&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9103281051&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhafizrahim.com%2F&hn=www.googleadservices.com&frm=0&tiba=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&us_privacy=error&auid=60695885.1700469379&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZHFPQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0583a425b34153cf9b8fcc2a3c8583a5b1f3e5e2071ab84dcd2530fff3098577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 5ms
4ms Ping
text/plain 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3XF4Q7PP3G&gtm=45je3b81v890531420z89103281051&_p=1700469378197&gcd=11l1l1l1l1&dma=0&cid=1679573734.1700469379&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700469378&sct=1&seg=0&dl=https%3A%2F%2Fhafizrahim.com%2F&dt=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=755
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XF4Q7PP3G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.20.4.js Show response
live.demand.supply/ 84 KB
27 KB 140ms
139ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.20.4.js

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa16d61f8f5e504c28450a019c3ead3accb3f1d06cd1d949a5f2a38a2b19518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id: 01HFF68XFA2JRNCAHZHFHQF80X
date: Mon, 20 Nov 2023 08:36:18 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 226170
cf-polished: origSize=86221
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"62af5a4517813c3e635ae8cd24c15cbd-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 828f5d512a3940d4-SIN

GET
H2 200 aGFmaXpyYWhpbS5jb20v Show response
live.demand.supply/p4/v17-10-0/ 156 B
238 B 358ms
358ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/aGFmaXpyYWhpbS5jb20v
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 828f5d512a3a40d4-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 v2 Show response
de.tynt.com/deb/ 811 B
2 KB 721ms
237ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=dCP67qt5Or46auacwqm_6r&dn=TI&cc=1&chmob=0&r=&pu=https%3A%2F%2Fhafizrahim.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/ti.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 59a3f0a7cd6b65c1bcea7ae2b5a9ef5ecb4d90aa44cadf5d4f137049d1fbbe3b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 20 Nov 2023 08:36:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 811
expires: Sat, 26 Jul 1997 05:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
484 B 114ms
106ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=519&cs=c&dsReferer=aGFmaXpyYWhpbS5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id: 01HE2YFK5NN8NC4DEX9VXFKMDS
date: Mon, 20 Nov 2023 08:36:18 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1677394
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 828f5d516f834115-SIN

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 34ms
19ms Script
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f436911f8cf516ba9aa855dfb4abc3661bb2af564904a6171fafb76b367ccaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30325
x-xss-protection: 0
server: cafe
etag: 278 / 19681 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:36:18 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
623 B 105ms
99ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id: 01HDGDYDM4PA9N8MXRQNK3AC0C
date: Mon, 20 Nov 2023 08:36:18 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 971340
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 828f5d516f844115-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 10ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2a8a6e48af0d1ca4f965b2484c4812e2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7b5a2b1e94c762b04132e3f3fb140801e9b9ff55aeba4f1e32152df4e5a43ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hafizrahim.com/
Origin: https://hafizrahim.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 08:36:18 GMT
content-md5: 8Ht4+xBhtlHIKk01XNhyyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88303
reporting-endpoints
x-fb-debug: FrzSJ2pwr0yHjhN8R0HFHO28KWHhy20euZMLH853gOcdMV5fHiAxufjtrqjpSgd9DiER1lQjW6tYrjkliaMFqg==
x-fb-content-md5: 540c2924d3f02a84308a1c9112ee435a
cross-origin-opener-policy: same-origin-allow-popups
etag: "099dc27e05dd20ebfc5a010fbe26a983"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Nov 2024 08:05:14 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1005788863/ 42 B
455 B 22ms
11ms Image
image/gif 2404:6800:4003:c03::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005788863/?random=1700469378673&cv=11&fst=1700467200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9103281051&u_w=1600&u_h=1200&url=https%3A%2F%2Fhafizrahim.com%2F&frm=0&tiba=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&fmt=3&is_vtc=1&cid=CAQSGwDICaaNKr9_CqwHGMGQ4O0wNgHmdkwZJnR4Ig&random=2653586032&rmt_tld=0&ipr=y

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::93 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/1005788863/ 42 B
455 B 25ms
11ms Image
image/gif 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/1005788863/?random=1700469378673&cv=11&fst=1700467200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9103281051&u_w=1600&u_h=1200&url=https%3A%2F%2Fhafizrahim.com%2F&frm=0&tiba=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&fmt=3&is_vtc=1&cid=CAQSGwDICaaNKr9_CqwHGMGQ4O0wNgHmdkwZJnR4Ig&random=2653586032&rmt_tld=1&ipr=y

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 5ms
5ms XHR
text/plain 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1234947089&t=pageview&_s=1&dl=https%3A%2F%2Fhafizrahim.com%2F&ul=en-us&de=UTF-8&dt=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=911073076&gjid=1199348849&cid=1679573734.1700469379&tid=UA-41420921-1&_gid=1632918807.1700469379&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=467584500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 4ms
4ms XHR
text/plain 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1234947089&t=pageview&_s=1&dl=https%3A%2F%2Fhafizrahim.com%2F&ul=en-us&de=UTF-8&dt=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1292448253&gjid=1610350448&cid=1679573734.1700469379&tid=UA-41420921-1&_gid=1632918807.1700469379&_r=1&_slc=1&gtm=45He3b81n81WZHFPQQv9103281051&gcd=11l1l1l1l1&dma=0&z=1606739994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0725 114 KB
34 KB 359ms
358ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&adk=1812271804&adf=3025194257&lmt=1700469378&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378503&bpp=4&bdt=419&idt=392&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1825444603272&frm=20&pv=2&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=434

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c2f2b11e27c9280c2953390bb630897f5ef418286ce839e3e951ef633b3b52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
209 B 6ms
4ms XHR
text/plain 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41420921-1&cid=1679573734.1700469379&jid=911073076&gjid=1199348849&_gid=1632918807.1700469379&_u=YCDACUAABAAAACAAI~&z=430583505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Nov 2023 08:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 19ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=560540786038023&ev=PageView&dl=https%3A%2F%2Fhafizrahim.com%2F&rl=&if=false&ts=1700469378962&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700469378961.104079825&ler=empty&it=1700469378570&coo=false&rqm=GET

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 08:36:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4AB 724 B
383 B 323ms
322ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=280&slotname=1809803214&adk=2430090356&adf=2034072364&pi=t.ma~as.1809803214&w=1152&fwrn=4&fwrnh=100&lmt=1700469378&rafmt=1&format=1152x280&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378508&bpp=2&bdt=424&idt=460&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=537&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa044d18d7e8240a2a4438a7f3ff9f3f8ec666af6b89be029c0a1ddd0204836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6524
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 19 Nov 2024 06:47:35 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A25D 724 B
384 B 215ms
214ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=190&slotname=5994263952&adk=1394813288&adf=2842922880&pi=t.ma~as.5994263952&w=758&fwrn=4&lmt=1700469379&rafmt=11&format=758x190&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378511&bpp=1&bdt=428&idt=497&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=502

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bee50159a119efd6ac54f209d6a843185a79a3f63c2137ce11fbe7cde27b7f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 6ms
5ms XHR
text/plain 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41420921-1&cid=1679573734.1700469379&jid=1292448253&gjid=1610350448&_gid=1632918807.1700469379&_u=YCDACUABBAAAACAAI~&z=655940460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 107ms
107ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=aGFmaXpyYWhpbS5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.20.4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id: 01HE77H51ZEK9BVK4T0Q4J76SE
date: Mon, 20 Nov 2023 08:36:19 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 884193
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 828f5d52e9274115-SIN

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6506 724 B
386 B 284ms
283ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=190&slotname=5994263952&adk=1394813288&adf=2785701644&pi=t.ma~as.5994263952&w=758&fwrn=4&lmt=1700469379&rafmt=11&format=758x190&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378512&bpp=1&bdt=428&idt=513&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=4326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

938bfd6bbb0dfb32aa8eda404686c01a1d331d4b7777778aaa83a8207b0f878b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E15 93 KB
43 KB 260ms
259ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=600&slotname=8672092010&adk=1383706990&adf=2795377350&pi=t.ma~as.8672092010&w=300&lmt=1700469379&format=300x600&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378513&bpp=1&bdt=429&idt=526&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=530

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe848aff7a9258d89d74c0725f024daad6074b5edec17fc28cc496bf5fefdd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6B5 724 B
384 B 447ms
446ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=1148&slotname=3051332388&adk=4165257236&adf=4028191022&pi=t.ma~as.3051332388&w=334&cr_col=1&cr_row=13&fwrn=2&lmt=1700469379&rafmt=9&format=334x1148&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378514&bpp=1&bdt=430&idt=539&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190%2C300x600&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3c3f0aef77fb062fdb90f3f9d192658958c5c1608560ecfb62afe5564d932d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E15 42 B
63 B 56ms
56ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuB8TEa8hu3wXoyfpgycKyApFhj7kyMi1fKhwvBhvQ5DpLs2W_8aHzBo4N2t2I1c_0JKRkhsrj86LYn9PYrqnfc8ma7lD0KGJC4EY4ylLQ8kXgQ3I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=600&slotname=8672092010&adk=1383706990&adf=2795377350&pi=t.ma~as.8672092010&w=300&lmt=1700469379&format=300x600&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378513&bpp=1&bdt=429&idt=526&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=530

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E15 3 KB
1 KB 17ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 08:19:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E15 20 KB
9 KB 16ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 08:19:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E15 0
0 55ms
54ms Image
text/html 2404:6800:4003:c03::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO4PAW6XOfMv6BrFkQjJxsdWslSbyEWPjBZM0RRdWhrGGEgon1LD_NNYCPWPm8ylf775RRXH4f96-Lr3Wu5oLnM8K5fg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=600&slotname=8672092010&adk=1383706990&adf=2795377350&pi=t.ma~as.8672092010&w=300&lmt=1700469379&format=300x600&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378513&bpp=1&bdt=429&idt=526&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=530
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::93 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E15 202 KB
64 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:36:19 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 41B3 624 B
242 B 14ms
13ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiYSBD3keiZBBjm1JH-ATAB&v=APEucNUGUkeGQR47Tc7cKcOHlvAnGVDltidCENdPf8GDls3QdKbkoQCewOLa1jI53_cpkoQm_ccG_taqG7rpct8JrT_fU_AIyw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2012742621144598&output=html&h=600&slotname=8672092010&adk=1383706990&adf=2795377350&pi=t.ma~as.8672092010&w=300&lmt=1700469379&format=300x600&url=https%3A%2F%2Fhafizrahim.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700469378513&bpp=1&bdt=429&idt=526&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x190%2C758x190&nras=1&correlator=1825444603272&frm=20&pv=1&ga_vid=1679573734.1700469379&ga_sid=1700469379&ga_hid=1234947089&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809316%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4251035163134571&tmod=1106443129&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=530
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8E15 23 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 08:07:26 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 8E15 7 KB
3 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 13:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:06:34 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8E15 0
0 80ms
65ms Fetch
image/gif 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstu0FR4Q7fL4DUF0zrS_bvDd__huq_xkYr4cb6HVKibxFWf8MH8GvzsphnO0_fdjsSRa2OmGOa7PU6et4IXneCwaxNrt51q1WTi9BAWCMT2ymA7xX4JvRDrEVqDOZuLqZUoBHQDBjbIlPollKHA1XoYVsUQD3Vf0u1y4kk4sGe3nqzOG79vpE8tn7jvc9UFHgSHf39HPN5itaEtbfqpl7LysX-rsSzWTRDonzn1ihBkWrkais7WpY7pSgK3IRL8uIX5zC8OeOMGmKs4Q2OZs3gZunaEaaOh43tsV7Y9EPY929e2KNZYBYhRfdLiH_TraXEPuJoJONpm-LGeqs8LQLhLZ_QLkoMIm-cDTeGtTZI65hz-bTiH9-57nZxPeXE9LhVDjRdmgFz-zi8qOMHFD39orPFOu1GAcksuxNL9QTbQJ8UCACdFAgKIjN95FACt8whfz2kq1TmI-xK1g3-xenldZzir_OvcYIYdkTmnjPD9jxbTD7vViLuM-_6FzJMTOVmzqXzacbeNBCMZ-wsnCWmczerKwGCFC7uAQjwBzAhsW5RbpRvr9B0zYX11NLczXjZoTxJkqjPfMtG_NHh5op4LM63nBHZAcpsBvrfJJIw_relrjI8SVkQ48NKbewBoLw7BlFQfHZhwI0mTIhuwVVjzEgVYeLgu1IN4RZ-MO3hTFAIXHHV73TBo4BvE8PSXYVGRF5KOn_BMJwgW2XCLGd4yIHbx555lOSbZ-8vBPlLmXwAyqPLCN5hOLhXAS4wVw_eVe8HxIYLoEwZANDOjMLSaJRMT-8uFnaFyU-MVsqXm5whiRD9aDvAUV5m8DZdAmClG6WLwe7b5__pemmPQrbXwTceHmMqB9yYK1sXBWDsJb6UIGK5L0B_V_iv7p5UsfOk94hZkV6888tYE598OCfiJBU50eszmS_I4_D7jIzz4rCnY5WwyYHyhEE4gt6mWVEL9EinwttbwIpX0OUPSxtRrkG9lr2-t-tvbSK2CjPFf9h5GJAdCWQ-Oz2aVsmdmDn1RwTtaEbBW0WFLwtHUZGXq6j2RTYoNE7zpMR_2wqqo3tPHt5GtKB-fkt_QxvcA-_7pGO0VxcG9kn2SAjIkeifrJKSaXUqzXHmVP90-ESdO1GKRr5j7w8nrS4tlCRUVYDqhC-BAVKma-TegI7-v0-YirVFeWK8BI_QJbkKjFhYmBAAWMFDzir2uoWWmwiMlCvI439q58KZO2tSe_2s2lMnv4vHG9USGBzqNBhKv7141fozfVcQlk8JAXXzIxNz03ncu4CZkf6LBQvHLuXumYWZNaONBJ1_Sf6zPyoBxJmFQrcff7tQzmvXNSwPTOiC1MPFKINcB6hILCH0yHpNoou7lkiNRri9GyQ7WKzPMm4JQPIYf0lVh8YaSQLe6yZKPFQ&sai=AMfl-YRwH9jY3QniiK8_K-KjkToArjtLSL2hQQUtn5t8wsHGvXuLhEzMoPFCe-mbUDHC0l0rzsMvpM5ZOksoSH2XeD88AlGk9W8xNSlX9XPLvJuv3UZD-sIAfNLPLrG4b7DYQvCInQbodYZrIvQqhDKG6e59wa4PjN54xzmfoRyLkThaZfO_4RNgS0hxk6TAH_fmm3Xdl2PWeBxjQwU5pFa4EWAW5XzBil2IBpQEBWzdAFO-FkULuzWvJj_60Gjow6G7xJ8gPTW-UfJHEPsSmDNv72Hj3f6ZnbZNa29AcL7guo9SAV0W4y2L2r9wspGLqfQy1C4K20gp13d3jqBjijLeBCiBj0wXCFAN5ciI3NaD6QGy--o8WlliVypftiuqlXpyP-Rvz9BVxuxyWumQ-nzqiOqEBFv28PG6UxFnLXWV&sig=Cg0ArKJSzCNFdQBrJdmMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWx2aW5rbGVpbi5jb20uc2c&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.54189&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E15 41 KB
14 KB 6ms
3ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 08:19:53 GMT

GET
H2 200 259006891316752463
s0.2mdn.net/simgad/ Frame 8E15 32 KB
33 KB 15ms
4ms Image
image/jpeg 2404:6800:4003:c1a::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/259006891316752463

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::95 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcdcbf0b9a9f51e2347ea4a9b813c7f8a8b07dd341dfb2f42c8352a2d1b563f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:56:42 GMT
x-content-type-options: nosniff
age: 308377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 01:46:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 18:56:42 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 21ms
20ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dec29022b9707e60fc422798a13a6e194a6ee2d49398afde6643c8c15e0782e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55850
x-xss-protection: 0
server: cafe
etag: 7987889679260111313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 08:36:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC86 1 KB
643 B 6ms
5ms Document
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 50055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 18:42:04 GMT
etag: 48472445140208031
expires: Mon, 20 Nov 2023 18:42:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 41B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&C=1

43 B
770 B

25ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiYSBD3keiZBBjm1JH-ATAB&v=APEucNUGUkeGQR47Tc7cKcOHlvAnGVDltidCENdPf8GDls3QdKbkoQCewOLa1jI53_cpkoQm_ccG_taqG7rpct8JrT_fU_AIyw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WF2vhwY0PTQofxh9crjXE0sbJCBu%2B2YQGll42qnkWB0coTqvZ0TJ4QxkmXBVBTzSN4ZGpl1%2F4vkcp74uuAVqmOzWc8Ehd%2Fzgm0uTlwxJsk7gwOrqW5pKLsa4Etzrhxw8fq5Yc%2F9IANg8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 828f5d55c98d564c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veqbLWA%2FZx4pEWK1ZXR3k60ppiXrS79IjqArl1G81lCOyGqySg5E1wdoxC%2F1WiIT%2BDbXOxCyAQ0QpwWu%2Bbq4TUgNzXhisVuuhMtNSqJKxdWIGqTquYffnZsKKLvwv6lJ2Cbv6heHCDPxvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 828f5d5558368952-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 41B3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVsag6.uDLiZIGa.ngAShQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&google_hm=2

43 B
736 B

18ms
17ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiYSBD3keiZBBjm1JH-ATAB&v=APEucNUGUkeGQR47Tc7cKcOHlvAnGVDltidCENdPf8GDls3QdKbkoQCewOLa1jI53_cpkoQm_ccG_taqG7rpct8JrT_fU_AIyw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaUUKTarT%2FULGQ6s6AmQybdsPtNcn0R%2BRvHfxg4Oq8Qe6sLae6X4HVo0br6HVrJGNC%2BbsAGgHooZHj9KRuxTZbcUDsT%2FNpnogKaZ9LzWbfvKhAkK0mgE%2BADUB4fxS38gKSuiRx8DUhoiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 828f5d55d995564c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0UjWKuE5X0nLAEztnecSU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 41B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHjgyn4_SkNFfKva0dnbtTY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjgyn4_SkNFfKva0dnbtTY%26google_cver%3D1

43 B
893 B

8ms
8ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjgyn4_SkNFfKva0dnbtTY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiYSBD3keiZBBjm1JH-ATAB&v=APEucNUGUkeGQR47Tc7cKcOHlvAnGVDltidCENdPf8GDls3QdKbkoQCewOLa1jI53_cpkoQm_ccG_taqG7rpct8JrT_fU_AIyw

Protocol

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
an-x-request-uuid: c4010013-3f41-4016-b0fc-b580b72aa55a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.254.153.206; 103.254.153.206; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
an-x-request-uuid: f4022f34-c02c-40a7-9669-1d5005e818af
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjgyn4_SkNFfKva0dnbtTY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.254.153.206; 103.254.153.206; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 41B3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUyNjY2NjQ4NDczMjAxMA%3D%3D

170 B
243 B

9ms
8ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUyNjY2NjQ4NDczMjAxMA%3D%3D

Requested by

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
an-x-request-uuid: cd7fa9ca-2453-4be2-9663-929e3f92cc99
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUyNjY2NjQ4NDczMjAxMA%3D%3D
x-proxy-origin: 103.254.153.206; 103.254.153.206; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8E15 0
0 58ms
57ms Fetch
image/gif 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstu0FR4Q7fL4DUF0zrS_bvDd__huq_xkYr4cb6HVKibxFWf8MH8GvzsphnO0_fdjsSRa2OmGOa7PU6et4IXneCwaxNrt51q1WTi9BAWCMT2ymA7xX4JvRDrEVqDOZuLqZUoBHQDBjbIlPollKHA1XoYVsUQD3Vf0u1y4kk4sGe3nqzOG79vpE8tn7jvc9UFHgSHf39HPN5itaEtbfqpl7LysX-rsSzWTRDonzn1ihBkWrkais7WpY7pSgK3IRL8uIX5zC8OeOMGmKs4Q2OZs3gZunaEaaOh43tsV7Y9EPY929e2KNZYBYhRfdLiH_TraXEPuJoJONpm-LGeqs8LQLhLZ_QLkoMIm-cDTeGtTZI65hz-bTiH9-57nZxPeXE9LhVDjRdmgFz-zi8qOMHFD39orPFOu1GAcksuxNL9QTbQJ8UCACdFAgKIjN95FACt8whfz2kq1TmI-xK1g3-xenldZzir_OvcYIYdkTmnjPD9jxbTD7vViLuM-_6FzJMTOVmzqXzacbeNBCMZ-wsnCWmczerKwGCFC7uAQjwBzAhsW5RbpRvr9B0zYX11NLczXjZoTxJkqjPfMtG_NHh5op4LM63nBHZAcpsBvrfJJIw_relrjI8SVkQ48NKbewBoLw7BlFQfHZhwI0mTIhuwVVjzEgVYeLgu1IN4RZ-MO3hTFAIXHHV73TBo4BvE8PSXYVGRF5KOn_BMJwgW2XCLGd4yIHbx555lOSbZ-8vBPlLmXwAyqPLCN5hOLhXAS4wVw_eVe8HxIYLoEwZANDOjMLSaJRMT-8uFnaFyU-MVsqXm5whiRD9aDvAUV5m8DZdAmClG6WLwe7b5__pemmPQrbXwTceHmMqB9yYK1sXBWDsJb6UIGK5L0B_V_iv7p5UsfOk94hZkV6888tYE598OCfiJBU50eszmS_I4_D7jIzz4rCnY5WwyYHyhEE4gt6mWVEL9EinwttbwIpX0OUPSxtRrkG9lr2-t-tvbSK2CjPFf9h5GJAdCWQ-Oz2aVsmdmDn1RwTtaEbBW0WFLwtHUZGXq6j2RTYoNE7zpMR_2wqqo3tPHt5GtKB-fkt_QxvcA-_7pGO0VxcG9kn2SAjIkeifrJKSaXUqzXHmVP90-ESdO1GKRr5j7w8nrS4tlCRUVYDqhC-BAVKma-TegI7-v0-YirVFeWK8BI_QJbkKjFhYmBAAWMFDzir2uoWWmwiMlCvI439q58KZO2tSe_2s2lMnv4vHG9USGBzqNBhKv7141fozfVcQlk8JAXXzIxNz03ncu4CZkf6LBQvHLuXumYWZNaONBJ1_Sf6zPyoBxJmFQrcff7tQzmvXNSwPTOiC1MPFKINcB6hILCH0yHpNoou7lkiNRri9GyQ7WKzPMm4JQPIYf0lVh8YaSQLe6yZKPFQ&sai=AMfl-YRwH9jY3QniiK8_K-KjkToArjtLSL2hQQUtn5t8wsHGvXuLhEzMoPFCe-mbUDHC0l0rzsMvpM5ZOksoSH2XeD88AlGk9W8xNSlX9XPLvJuv3UZD-sIAfNLPLrG4b7DYQvCInQbodYZrIvQqhDKG6e59wa4PjN54xzmfoRyLkThaZfO_4RNgS0hxk6TAH_fmm3Xdl2PWeBxjQwU5pFa4EWAW5XzBil2IBpQEBWzdAFO-FkULuzWvJj_60Gjow6G7xJ8gPTW-UfJHEPsSmDNv72Hj3f6ZnbZNa29AcL7guo9SAV0W4y2L2r9wspGLqfQy1C4K20gp13d3jqBjijLeBCiBj0wXCFAN5ciI3NaD6QGy--o8WlliVypftiuqlXpyP-Rvz9BVxuxyWumQ-nzqiOqEBFv28PG6UxFnLXWV&sig=Cg0ArKJSzCNFdQBrJdmMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWx2aW5rbGVpbi5jb20uc2c&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=36&vt=11&dtpt=34&dett=2&cstd=0&cisv=r20231109.54189&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8E15 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4354d085fe7d662098d6cd646600af9fe7ee492622cdce1a64f9ac70b3b799e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 5ms
4ms Ping
text/plain 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3XF4Q7PP3G&gtm=45je3b81v890531420&_p=1700469378197&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1679573734.1700469379&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1700469378&sct=1&seg=1&dl=https%3A%2F%2Fhafizrahim.com%2F&dt=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&en=page_view&_ee=1&_et=4&tfd=1471
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XF4Q7PP3G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AC1 38 KB
13 KB 7ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 307498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 19:11:21 GMT
expires: Fri, 15 Nov 2024 19:11:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame EC86 35 B
463 B 20ms
5ms Image
image/gif 2620:116:800e:21:6c50:dbee:bef5:203d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFVNjwybp_OpJyszBSRW6Rg&google_cver=1&google_push=AXcoOmSXzdN3iAZ0Tjeoi2s8LCdURuVLHs3lpo81Cu3_i5ZF3Tav4pbVr5fERXcPGwD-Usw7ACfUMA6KbkapL04MnkESXx0N668vHTpO1i26GX6rj70fkOzwHkbCm0--f1W8zYfuthfplDvZV3URrvq1Rq_3eQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC86
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMP9LN8hVTqDtN0l2TcQxJQ&google_cver=1&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZQ7puQv9GDxyux69...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FE9E968F7B7430D8DE6E5852A23DCD6&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZ...

170 B
188 B

12ms
12ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FE9E968F7B7430D8DE6E5852A23DCD6&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZQ7puQv9GDxyux69sxnBjy6B3BCQeI0shsfHG8mjgapMBREIQwR_Sgv2JsUGrMC4GuU5joBQ

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Nov 2023 08:36:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FE9E968F7B7430D8DE6E5852A23DCD6&google_push=AXcoOmQYqQu6WzJpfNxYp7WkiWaPRKCG-59URcaP2iVu_Ae8Qi3nhki8WLNCCFWLs-VB-k85_1D2_sn8_JPDivZQ7puQv9GDxyux69sxnBjy6B3BCQeI0shsfHG8mjgapMBREIQwR_Sgv2JsUGrMC4GuU5joBQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 19 Nov 2023 08:36:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC86
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDy8ceuck8-y7bXJIkwBWzo&google_cver=1&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-KIC0NmCyH9Q1GxeJfkh_MZpO816fNWsPI4VpipCz66TJbXuxPcKph...

170 B
188 B

9ms
8ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-KIC0NmCyH9Q1GxeJfkh_MZpO816fNWsPI4VpipCz66TJbXuxPcKphX8Xuj2CZ6Q23Y4nR5xACTAQKI2

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Nov 2023 08:36:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4615E2DC2C2E4C899DD80D47F689EAD4 Ref B: SIN30EDGE0315 Ref C: 2023-11-20T08:36:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTj_24UzFmME0fDFKDX1D0fdXByz8wbhA9KdOR7BIpKasFuVZjXgdKDAAo-HIIxIN7yaY8C-KIC0NmCyH9Q1GxeJfkh_MZpO816fNWsPI4VpipCz66TJbXuxPcKphX8Xuj2CZ6Q23Y4nR5xACTAQKI2
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKkWFTAoUvpw7lxjJwwQ==

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame EC86
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEA8bUvsbcbS2tUQEhhkSofk&google_cver=1&google_push=AXcoOmQY2WDo02XsVy60PcGxix4Z3OOyDtxoJimLxnzlXHR6YtbF7EXHDeGycXgo1tJhw...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlZzYWc4Q284WGNBQUhIalp5OEFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDwVu3SGcOjJsJmtzYKE-Ko&google_cver=1

43 B
949 B

243ms
86ms

Image
image/gif

124.146.153.152
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDwVu3SGcOjJsJmtzYKE-Ko&google_cver=1
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: HTTP/1.1
Server: 124.146.153.152 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 08:36:19 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEDwVu3SGcOjJsJmtzYKE-Ko&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.206","key":"ZVsag8Co8XcAAHHjZy8AAAAA","privacy_sensitive":false,"uid":"ZVsag8Co8XcAAHHjZy8AAAAA","upstream_id":"m-ad162"}
X-SO-Key: ZVsag8Co8XcAAHHjZy8AAAAA
X-SO-Upstream-ID: m-ad162
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad162.dc4p.scaleout.jp
X-SO-UID: ZVsag8Co8XcAAHHjZy8AAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 103.254.153.206
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 5
X-SO-LB-Hostname: m-ng12.dc4p.scaleout.jp

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDwVu3SGcOjJsJmtzYKE-Ko&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC86
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTEyNjM1YjEtOTY2Mi00ODY3LWE5OWYtNmI0ZGU3ZGMyMThj&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=1&google_push=AXcoOmSz...

170 B
188 B

8ms
8ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTEyNjM1YjEtOTY2Mi00ODY3LWE5OWYtNmI0ZGU3ZGMyMThj&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=1&google_push=AXcoOmSzwI_1V6zR9b31DLmyaew-OR4e1hXebsOYOIG0XgprM-z7_kPl0XcY3tzJPCZ2fehtVpuFmOME1RzNNBdbsrUHkC36Pp_oZOy6j1P5kxNxuC9tlRxma_-ODXFr1md5f0XEUAjxaHRZRqS6utusjZt3tA

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTEyNjM1YjEtOTY2Mi00ODY3LWE5OWYtNmI0ZGU3ZGMyMThj&google_gid=CAESEPApKpiD5PA1O7Gh01B4UHE&google_cver=1&google_push=AXcoOmSzwI_1V6zR9b31DLmyaew-OR4e1hXebsOYOIG0XgprM-z7_kPl0XcY3tzJPCZ2fehtVpuFmOME1RzNNBdbsrUHkC36Pp_oZOy6j1P5kxNxuC9tlRxma_-ODXFr1md5f0XEUAjxaHRZRqS6utusjZt3tA
date: Mon, 20 Nov 2023 08:36:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC86
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEEkLWWvy-cq7FnVUFpMEjYs&google_cver=1&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkyODk&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6SA6sFH...

170 B
188 B

8ms
8ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkyODk&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6SA6sFHQ7ulsteBuyFPpVTwbeIt88G3nm2LCGLz704ViWEcKk1X9byciBK-6HsWhs7_gVsMg

Requested by

Host: hafizrahim.com
URL: https://hafizrahim.com/

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkyODk&google_push=AXcoOmRfsX6qClpzLDBpSD5rTwcUe5ksy8AcFSimVPEjtsQwInpZ6Xytc4Rkvq4wQJnlKl31dsbAiuUivwJldh6SA6sFHQ7ulsteBuyFPpVTwbeIt88G3nm2LCGLz704ViWEcKk1X9byciBK-6HsWhs7_gVsMg
Date: Mon, 20 Nov 2023 08:36:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC86
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEA731CkfkYYTmsHOG0OnBpo&google_cver=1&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1qeGsU_1RlNfLxFrHNBPM1R9XBVZP...

170 B
188 B

11ms
10ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1qeGsU_1RlNfLxFrHNBPM1R9XBVZPP1esX7yUDlT1jtrT6FLuo4NgqqyGWSWMCo&google_hm=1b7de7e8e7ea9cdd12g3ko00lp6nkb1q

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS2gsy4G7bopRPw8pbx0mAiuNpztbcNEvvOpxJktr2gLhkWQF-Esx55DwW1ed5BKMeK6ytnPO9HwCGmCByLjl8c--AU1qeGsU_1RlNfLxFrHNBPM1R9XBVZPP1esX7yUDlT1jtrT6FLuo4NgqqyGWSWMCo&google_hm=1b7de7e8e7ea9cdd12g3ko00lp6nkb1q
date: Mon, 20 Nov 2023 08:36:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EC86 0
50 B 8ms
5ms Image
text/html 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWSNXD34ssLEWpYc3mgFfC4OQ4CkU-wztwc3uMJXiiZ1C4MWFQPXVy1fRYEKukLFdWL8qaWw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 49D3 9 KB
4 KB 6ms
4ms Document
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 50799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 18:29:40 GMT
etag: 16674218716276178799
expires: Sun, 03 Dec 2023 18:29:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 49D3 23 KB
9 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 08:19:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 49D3 8 KB
846 B 10ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 08:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 08:36:19 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 49D3 15 KB
3 KB 26ms
4ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 20:15:02 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 49D3 376 KB
131 KB 27ms
5ms Script
text/javascript 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 20:33:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 49D3 20 KB
8 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 08:19:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 49D3 0
0 53ms
53ms Image
text/html 2404:6800:4003:c03::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQCyDYBX97x4uggh1GKWGIoYhq0nrwSK1m-yiMMkTLcsi7gXOXZvorMs3hX0xDd2Gq1so9YWXnwx2tTPV_ZGYEYH8Ltg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::93 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame 5D4C 343 B
460 B 34ms
10ms Document
text/html 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=dCP67qt5Or46auacwqm_6r&dn=TI&cc=1&chmob=0&r=&pu=https%3A%2F%2Fhafizrahim.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 109995
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 828f5d568e3f2e74-SIN
content-encoding: gzip
content-type: text/html
date: Mon, 20 Nov 2023 08:36:19 GMT
etag: W/"651ed188-157"
expires: Thu, 23 Nov 2023 08:36:19 GMT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.1&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.1&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou

70 B
440 B

11ms
10ms

Image
image/gif

18.141.109.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: HTTP/1.1
Server: 18.141.109.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-109-184.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 20 Nov 2023 08:36:19 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou
date: Mon, 20 Nov 2023 08:36:19 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.3&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=xJVTDWVbGoMqOAO9NXhz0w%3D%3D&us_privacy=&33random=1700469379378.3&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou

70 B
440 B

9ms
9ms

Image
image/gif

18.141.109.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou
Requested by: Host: hafizrahim.com
URL: https://hafizrahim.com/
Protocol: HTTP/1.1
Server: 18.141.109.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-109-184.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 20 Nov 2023 08:36:19 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a&bid=1e2n4ou
date: Mon, 20 Nov 2023 08:36:19 GMT
server: Kestrel
content-length: 191

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AC1 39 KB
15 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 08:07:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame 5D4C 39 KB
12 KB 24ms
6ms Script
text/javascript 13.224.250.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-125.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 19:35:39 GMT
content-encoding: gzip
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:51:51 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 46841
etag: W/"b054dbc49b30695b40107158fb25e846"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 9VDoHH6HP_dGAnPIy7E8Vamik_mHahkRzPsUpgxW1mpxwY19--TQ5Q==

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
45 B 494ms
59ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lp6nkaq0&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49D3 15 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:48:18 GMT
x-content-type-options: nosniff
age: 312481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 17:48:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49D3 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:03:41 GMT
x-content-type-options: nosniff
age: 311558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:03:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49D3 0
20 B 55ms
53ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C9_r2ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwHIA5sEqgSQAk_Qsa64kqS-CE22RJJLbYSU-w2XlunwfmZ8p78L7LoXP7J7od61XrUDO_gj924ZxTjsjF9gPuTAc-fESMDOKoN2-o3gQRjCzvasuMgdU0tiR50ws_NdiSOe5FJitQsM7YsHlxfUWm-uUL-SobrkySG_mZI3gGFHK59q1-4nerCoFm_5OrOtQiPFMhpcpnEExvw00OGCbUAW-nqSMFon2dwCkGnFFXr4nN4kBrdmilH95mbGzpKPDXsGcwuT_1miud1ajVIjiZdZAUlgTMQNluuuA2F4uGUg-9yFVta3o2uk5xsZMe-F15NHP0Kwk2MjtPOKryZy6Iqga8lmnAsjBNXXTaHEcRISX0WJAMpjzXiZwASezZP3twTgBAOIBfbzmpxNkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJTR7ATnqeyFdATANgTA4gUA9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1700469379674&ai=C9_r2ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwHIA5sEqgSQAk_Qsa64kqS-CE22RJJLbYSU-w2XlunwfmZ8p78L7LoXP7J7od61XrUDO_gj924ZxTjsjF9gPuTAc-fESMDOKoN2-o3gQRjCzvasuMgdU0tiR50ws_NdiSOe5FJitQsM7YsHlxfUWm-uUL-SobrkySG_mZI3gGFHK59q1-4nerCoFm_5OrOtQiPFMhpcpnEExvw00OGCbUAW-nqSMFon2dwCkGnFFXr4nN4kBrdmilH95mbGzpKPDXsGcwuT_1miud1ajVIjiZdZAUlgTMQNluuuA2F4uGUg-9yFVta3o2uk5xsZMe-F15NHP0Kwk2MjtPOKryZy6Iqga8lmnAsjBNXXTaHEcRISX0WJAMpjzXiZwASezZP3twTgBAOIBfbzmpxNkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJTR7ATnqeyFdATANgTA4gUA9gUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
54 B 478ms
61ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lp6nkaqj&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.kv&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 49D3 31 KB
18 KB 57ms
44ms XHR
text/xml 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DdH7oDmydE2JUOkAyKJI1CUF_Cy2Q3AoHL1RM2Wqf3vQwIRX6M3gyNaJCNldzWs7GYGOhS1VEo0kQayC7tjIM-Z20O8g&cry=1&dbm_d=AKAmf-Dl1oltMKEffcjo-AYf79PExzH7zGWOMRTdj0DANJs8dw5EbbdLQ1XrRTqHQxThA6nDH4gwDjPKoQtcXRW5VD4VDIrv8JOYpMatnFEtzjn0g0Kb76U5VO5f7D4iSWNtrITcOwL3RaQNZSeCpO5DeCv6jfGdfMatqpt9jQG9s9GBJPf45IrtIX3o3Wqh-rKlXPnps-GBnd0Xfeq0OfqhtX_5mg02MtapcTElmCi9XxG8xuQkKhm6iC5aXyXmglrCDLyynjt5OZ7BGV052hXGppfdzVYgPyJtG8xM-eeN5NCQktRwMPr0vl0kn1nv-TRKzCFSRKX2PRdCBcVOfJWIwCI8987afPylNFcu_TYW4VAXVRez78DUxIeWzESTEWLpk5jG1SQV6ul3WiBTByMBweg-us3QkZ0CfXod5piHVFejGngqjkVSKwdsqjpRuxqGgoJE8HHhYkgVlQMO0G-oxZ90IeyJMgksxDqG7Y_6-Fhyc8qXVpI--trQS0mLy4C1bof6KbxWZinMhctiDz4Lie4s16pMQSpIjWfqmGAm1S8paXbTWvTe3oDGvUkTQCBCXK966aoee08mC6hwuzohXQPlvO1Q8XVWOe9TAjlmvhYEsI-0PGGIcGkz6KMka2y7Ptyf8sfdj6yySIyqxOjzKte9KLfvohde25BY2jyHCMLldXarzEJODVHBACFmwVWx2J3zweRYz25vYRnS_UToFBp_eT6LlVHym_e--c9WLBfgg9NlpoO1gbjzBsOD80vv3fjGZoAja7BgDGgENWRhB-Jm13PrTcYSav8VG78t7B5kqCAfXCLBNh8OnPDLhVwxnEJBuPMcySSS7FJ8vHyqooe4bFRZv2owHJSYvyj8a9G79EPhxxd-NPCUcezpTANg3CB6z2z0ON7-I_wAB9HRhbnkMQD3R4W3lHRE5vlHk7zLGSZHRuBLW7ZEizIkl_GbiTWFkKNB2fuay6JaT85JuqzmI8aEU0gKiPksh8mopJSyAjtJ5oEfwf-YuW3bnlF3xpKvhF7sWDnC3DIg3w3unNGGKCDemWhLWr7haUC2o-UMnnjkoAbXx0CMfgodnQE-Hgy-ys7oaWUDL4lv6nSHbQwhi96jjJOe37EGsMExnoauYHD_-r8mzweM9ez4FMMjRnKpAXiNRq3A4ZMJT_9vo3doqynFzfES7NqxekxfJZ81vqUy_K3pvpRgtj5d4soWvhv2a8vhD524IP8HSYMkjzpfXHPhfojyrsW_gFfjz95eMBxKNtKljFdtgFF3ha_tRZrxS6I2twVlvIcxHccic7BiME-T3E9LR2UhXv7Yp7T0BVAeZXFTrNzhru1isXr4cPXTIBclx9YOmCz-f-e8AxXE1ESEoV_bdsMWanbqaeoxsZDMnKVxPeP4gWbxgmVU3GauAScUhIG5BLAlE7qC1lA1-Le4xnSVldaOS6L7VvdVyl-HXjOHPtislRdMaEOUTlsDG-cao-6-X4K50MfKR-GmkklBTeMbZtULZ17CQVae8LpDVlNJS61Zw_eNZHwdHSbQD7v6cnaUCKUDQuS7IAYokBbXKkKzSuRLR1HPdSkSjTl6CeBXFJ_j7fjJ8yEck7oN7G7sGIpwttkyNkkv_QpXr5uI14sr2ThVrN-zE9G7Ti6sPybqcCZi2Jee0LzYvUo6Edpd7da7MG5cV6CoDGhRfAvEa_5mxMmVto8Xku2Ey4-jfyxdFlQhUNd_SUWKsCZRZHHeFIX6S709Tb-xppIbP_FEZGn4CvRKO2PK8ZRTH7zf_4jv3vmADmD4aRE4JMTLLtD_HbLfERzuneVAhpjY5_6dYsgY1joHL1-E6RniN_sGw2N28YRK1x0T1_5WygwRGXuK5FdMKRemGcRyszxM8gDXP-1GQQrP-TTAs76gVl74aYxQIVjuwO3MyloK4tOCfIbYMQ-R9Kpuet7-ur_1Kj9O8NSiOVjtMAV2PVnJ-BZrBJYl0_TyiHH2CQV8sTfyg5VM8GY9-Rs4qJqXU4WBzxCLmZJ1LtgnMB28db80VG22SM3t7593FRm4YCh7JGRc892ANAJ7NAqbkWytZ22aw-_GhIhJhuuNSfcBf8_U2n0v3CjFffgrh9ZWKoZqJnduD8b0ME9i0gEzSGfKEMRrtG0QSpiQWpjfP0-YhayB26phjuEIpUoK65izRd-gKeTViv5_AOb7Nie59lV4FXU6Xv9ui-IgosgKiLncG5vQK-mM28bamQwzHShmnmYlOXYbl_rh_RQE4NKlasBDDtOZ4jhlleaXa47Zm6NvSep5ksr-y3Ff8UPp2UcZyxJ9ugygwuAzlF663M2Z_Ki-j7PsUv9GswnZbDRZ1qoJLTZo1z3QJfL_pr8xfdnetleX5xjlotNExnrVrUDBulI9wu-V9plGE9m3kwaK5qt9bodFq7bZwZb8WYefSBN_vB6xmVZulFFOvEPqtGta1OMsFt9aIxs0CYUySiECggQ2cNa2oTwNllFjq_gIYkwc_S8jxL0ffuQhJBq8SlV4zt2nhhWOgDnSKC171cxsuy08dvw1gyShSGTcBPmJwvsrtoZOW7RQS7XVnP17THl8GT0XMlEgV-d-nSLPeM_nr_hq2HmK0E5wJQiQ4ZVZd5tiyAgjkL5q-OEPW7gvb-snAl5_imN9tEvb6jsn6fYr9Gn70HZsDIUgE9JkvSAdgDj1g9EmGZ5MAnhhtZBk-DBFeT_nCWbCXJA9UfRs5DG_MQ3r-upI0vo_TArbFpfG_94zY6LDja-1Q_Lv_y7Q2iR9cFUhXn9frM8ff-s-GXPbt03AQm-8q0-0Qv1MDsQ1dmX0x_eI7rkLmGwBhdfZ7TS-DU0SnczKIyok8GrimC4iP0WgLP4p5cOG1QG4uDL_KxK1V93LjMxDPPtRUKSJSdc25PQzCFkcBCVan45Jyc45eYPavaRLBqSLPcgGIgiDklHFKYEpl4_RjPzaVBBvKc9GHOI4u_Aj_Q0I7rUo28n1QgsXf00Enj2JtZg9sZTuwPBQgGRnL2Wosd2B0_k1-v2wd6VmSxhIl_jKYmvWrdSq7gxCpaev-wEcGyrfU4-9hfvgLvMw0-I1yVPx60g0RMb_QR4Rov5cFp_rfA7hA0e7vzEM7ooTOKGUWs8amW_K6tTE9pCV_DT1ycpWhMru-MtUGwg4iTm3U76N9fB2fCXlp6Fm1u52xUWAan5Zx46854MARW7iiheuQa3dVtqV19_Jq3bxUfXVEhlRQOKLNFbt-kNAPJ-OirP2gHrm6LQty06u538Xa2PMiNFrNfB-WiykBXzDjmouUrPu_mWOSaERZo87nVL658iyecsGd1tQd1LGKvIzxEJ9RCPsmuAjTEbVXNM54GtokujqBXBxC6t663L3QqVqPYbb9oLyzn2AwlLQnGo3_9XXKPtLtU5mGYTqP0UXjcF9vmEB61g5U5HYVdPQQqKm1PlwWSTdJc9ZMC08ob1XVO64y5DtSVcRXou3TqLI9A3kMRHBgeK_RrMo3xYCnH9ZPtl_yoQlmC-iaFPXcclfcTeOFBEfwTcwlMAUIUpVPVLtb0mFsNUCUnEchERLlbj9e3f66WQnyplATLLNSxqZ0hFniz0YVFb6f2jjq9CNnj_BmEOIZA0aWkZORPVbLgMzaEnj9UX-3SXV6RDtm0M7aFNFqRr5Bh0iM1B2vNnC9ii0HA-1tVYHE2neqDuCxFDB2Dpeex2fd0bRkbw99FDqTiv2urOSPuYarFiE7H4td3ZIAxAj8hwXX6gbcoRnOT-DFqzrmrvpY0FM5QGxRPmaDxUDAWPOW1wnujbZ4zXm3ogj5d11PF9ZSTE-IvSyBqcMdAPm4YTv6Rhc2v04Y86gZQEOrbrJpYGBvYX33mD3wIqgSu_dJppChu2kJc3rj1bbQrorjaOMGAepG4RwHn2xQt76NNXj&cid=CAQSOwDICaaNlwOHNpdXEQPdMUXhd4PLSqfSEVjoV5X9Z1bqyl0PjQkMnUpIFghmXYxeuI2UuPcNUZtYLYaxGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

26e4e989d1cbb4165fa92b25dac4cb80622873db9261024a02ab37381a8f8e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17885
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F87E 1 KB
643 B 4ms
4ms Document
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 50055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 18:42:04 GMT
etag: 48472445140208031
expires: Mon, 20 Nov 2023 18:42:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 49D3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86f43523cffc101e85f866b58191b4d106e5650eb2b299b26c43455fa9ed6a0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 5D4C 235 B
695 B 54ms
36ms XHR
application/json 13.251.19.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.19.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-19-153.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0059cc0dc99ec949c5e71783885efd9fa68efbe68adb1c2ad3575bb809ff314e

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.42.24.234
access-control-allow-credentials: true
content-length: 235
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
54 B 406ms
61ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lp6nkar1&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 49D3 41 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 19:39:22 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 49D3
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

23ms
4ms

Fetch
video/mp4

2404:6800:4003:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0562B45F0D521CBA00A7F50BC603E093443352E8.0F4F23B7BF7BAF2D6E092124710092C8DCBF8FBF/key/cms1/cms_redirect/yes/mh/di/mip/2001:df1:800:a004:1::8/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1700468935/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Server

2404:6800:4003:8::7 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 08:36:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4291237
Last-Modified: Wed, 01 Nov 2023 08:01:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 20 Nov 2023 08:36:19 GMT

Redirect headers

date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0562B45F0D521CBA00A7F50BC603E093443352E8.0F4F23B7BF7BAF2D6E092124710092C8DCBF8FBF/key/cms1/cms_redirect/yes/mh/di/mip/2001:df1:800:a004:1::8/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1700468935/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F87E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O1...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-...

43 B
455 B

203ms
193ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 828f5d5918b36bf3-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 9268
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJq9NGRnG49um2bjgyKeBDk&google_cver=1&google_push=AXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSm0NjmVH6J40Do0M5daSOXxq_RHBcSHvmFQbWMI3Z-voM33_kBrliHgt9MZ6J4bvP7t1t5G3McF2NRoFnjai_PXFWPrp-O16mQot2X51mMYDnxjBalstHfusFK2LozZqTPZ4rXNmhOeYIuzr-32kLc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 828f5d57cf406bf3-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F87E
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDFIHa7sZ4CWgIyDKA9phuc&google_cver=1&google_push=AXcoOmSJSVgA85upWBDf2pc3zLsLV0wBtZ7KxM0em5PNyozGlnMou_8VvK9cCte6m4bGfPqdtYGMp70-PqySggWV8p...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmFkMTkzY2QtNWVhNy00NjdhLWI3ZWItMWI4ZDQxYTMxOTlh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a

170 B
188 B

9ms
8ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmFkMTkzY2QtNWVhNy00NjdhLWI3ZWItMWI4ZDQxYTMxOTlh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmFkMTkzY2QtNWVhNy00NjdhLWI3ZWItMWI4ZDQxYTMxOTlh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6ad193cd-5ea7-467a-b7eb-1b8d41a3199a
date: Mon, 20 Nov 2023 08:36:19 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F87E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOdc9-9qAX6FS2a4meQAcho&google_cver=1&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-o...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOdc9-9qAX6FS2a4meQAcho&google_cver=1&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0g...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COa...

170 B
188 B

10ms
10ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN&google_hm=UWXp_syzRA2739oUW5y2MQ==

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN&google_hm=UWXp_syzRA2739oUW5y2MQ==
Date: Mon, 20 Nov 2023 08:36:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F87E
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPfALLe_NRXu637RtweOUcA&google_cver=1&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkzMDI&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr_WfK9G...

170 B
188 B

9ms
9ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkzMDI&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr_WfK9GewIHJVpCbbobnTTW8D87SP5ktWOsok5Y_e70dArpdKMVklszF1-8Bl4TaGwL0OBcw

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc0MDIxNjkzMDI&google_push=AXcoOmQjTcdAcajw_Uid4JYRsAPemVrOFleUJK8ZYOsqEp0Q_As-zmPlRKvvPMJvF2Vaxu4nxeM1uS-cEPF7yrr_WfK9GewIHJVpCbbobnTTW8D87SP5ktWOsok5Y_e70dArpdKMVklszF1-8Bl4TaGwL0OBcw
Date: Mon, 20 Nov 2023 08:36:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F87E 43 B
363 B 23ms
4ms Image
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSjJVZoCI9hjFFDbjoxT-1st8GAqEIpnRfVdgxPMRpYa1N6aOVXwhHSAlOszlCbVDEfgFmzpaviykQ5M0_LM6NsOm-8ZEYZyjDS7-OKrNm0PvmCoLchsE4jimEnQUjcZN-as0AtYrX2sQTpHIoCGyJaWg&google_gid=CAESEKmAuP5IdxmXUuYX8sJxhl0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:18 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 438468
expires: Mon, 20 Nov 2023 00:00:00 GMT

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame F87E
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7m...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7m...

43 B
243 B

356ms
91ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7mBr9xyBXvLGJ5xd0VBnJzBW9O92K7Y8Ku2KexfwhQMK4-ecI_u8JGExwFczWBn6tLbLLbDHVFEwyEpn6PkkyvGxoq2QT1Stg&uid-set=1
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 08:36:20 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 08:36:20 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENMKVZopxUTcUUuzI72Y9Kk&google_cver=1&google_push=AXcoOmQL05VZ-kkLpoST_Ye6qHJE93d2URlkAjGJAm03e5oV_1OzR9qby9d0nA7mBr9xyBXvLGJ5xd0VBnJzBW9O92K7Y8Ku2KexfwhQMK4-ecI_u8JGExwFczWBn6tLbLLbDHVFEwyEpn6PkkyvGxoq2QT1Stg&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F87E
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMzXocdF0nznv_iNOQahJJI&google_cver=1&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q8DZZ3WhINk61EFteiq03JFxWvIkyLc1zGhHNn78lamo6PFwxhhoTlE--fT0G...

170 B
188 B

19ms
17ms

Image
image/png

64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q8DZZ3WhINk61EFteiq03JFxWvIkyLc1zGhHNn78lamo6PFwxhhoTlE--fT0GG56-0-mOIhuLuSiIPM6g7jJnedSY3GCE

Protocol

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 994d633.128efd2e
date: Mon, 20 Nov 2023 08:36:20 GMT
x-bytefaas-request-id: 20231120083619D040E6F332B94E7AE566
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-59-80-140.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 239,23.59.80.140
server-timing: cdn-cache; desc=MISS, edge; dur=232, origin; dur=7, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231120083619D040E6F332B94E7AE566
x-cache-remote: TCP_MISS from a23-36-67-229.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR2DXkbuL4nudI-HVQETTBIzFfVmfS1Lx1JoUn_DM4nyF-8i_tLgLQ4oG5s11q8DZZ3WhINk61EFteiq03JFxWvIkyLc1zGhHNn78lamo6PFwxhhoTlE--fT0GG56-0-mOIhuLuSiIPM6g7jJnedSY3GCE
x-bytefaas-execution-duration: 3.14
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0141721bf65e892fe44e9ea21a2541239201ad825159c1a6158588852ae3a7bca49563348761a60df9fac140d8f9d4225818677eb87ccbf2d9311504e182184917dd3bd0a381abb9598ad5d20ec3a5753cc674451cb9eb48e8d695f3a6aaca1bee60b2327a2cde2ae09d5ac321a6357b48
x-origin-response-time: 7,23.36.67.229
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 20 Nov 2023 08:36:20 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F87E 0
12 B 14ms
14ms Image
text/html 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBtuKSQrYfWmMEX5yN9CUj7_G_CgNfz5z_EupnGb54nrpXCWW3JndjNwnUsHON2-XXgSafCtM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 255D 23 KB
8 KB 7ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 304236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 20:05:43 GMT
expires: Fri, 15 Nov 2024 20:05:43 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 49D3 0
0 59ms
59ms Fetch
text/html 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZRq1ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwGqBI0CT9CxrriSpL4ITbZEkktthJT7DZeW6fB-Znynvwvsuhc_snuh3rVetQM7-CP3bhnFOOyMX2A-5MBz58RIwM4qg3b6jeBBGMLO9qy4yB1TS2JHnTCz812JI57kUmK1CwztiweXF9Rab65Qv5KhuuTJIb-ZkjeAYUcrn2rX7id6sKgWb_k6s61CI8UyGlymcQTG_DTQ4YJtQBb6epIwWifZ3AKQacUVevic3iQGt2aKUf3mZsbOko8NewZzC5P_WaK53VqNUiOJl1kBSWBMxA2W664DYSC5_9VoTsPEDX5zdkw3FLykixRCyKPScFRWdQS-I4OGPrlcB8T6fsmyJTvwEyJ_RQu3PD5HnHXI14vABJ7Nk_e3BOAEA4gF9vOanE2SBQYIAxACGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQrroXGLGVyfwB0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQoOKYvtPCxr9QEgIBA7ATnqeyFcgThofp4wPQEwDYEwOIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItMjAxMjc0MjYyMTE0NDU5OBgA&sigh=ZcGAwv-bzLc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNlwOHNpdXEQPdMUXhd4PLSqfSEVjoV5X9Z1bqyl0PjQkMnUpIFghmXYxeuI2UuPcNUZtYLYaxGAE&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 / Show response
sumome.com/api/load/ 878 B
1 KB 1031ms
367ms XHR
application/json 52.25.145.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/load/

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/70.ce9d3b69dd1815269e54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.25.145.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-145-156.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

78e863e1104cbfcfeae39e80380201fcba35f83347db4425a622d47c7c9b94f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 08:36:20 GMT
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hafizrahim.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 878

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 22ms
14ms XHR
application/json 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80dfd3171ba490ef1db10f44d74f757d0c3f60ca3bad9735c0681886757e0aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12367
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame B13E
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd0a863269c38c%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

214ms
211ms

Document
text/html

2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfd0a863269c38c%2526domain%253Dhafizrahim.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhafizrahim.com%25252Ff16112fd69aad08%2526relation%253Dparent.parent%26container_width%3D334%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fhafizrahimnetwork%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2a8a6e48af0d1ca4f965b2484c4812e2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Nov 2023 08:36:20 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: INuPHI+7I7Mc4msBca5wV+iysCeY6/d9drao63tgAZ0StndQ7v1yePi7jOa9NOWQP3F8txdq/R7QMqgOgZ+ZvQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfd0a863269c38c%2526domain%253Dhafizrahim.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhafizrahim.com%25252Ff16112fd69aad08%2526relation%253Dparent.parent%26container_width%3D334%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fhafizrahimnetwork%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: WEhdGTfNGOYez8H9VYYlD5sRIKGTbaW05+/1gXjJIwRdVOFMP1ehizQ6+8d2FMqzg8xICDRpFcw7HdfR25ef8Q==
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 255D 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 08:07:28 GMT

GET
H3 206 file.mp4
r2---sn-npoe7nlz.c.2mdn.net/videoplayback/id/b6428d7019d1a2dc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732005379/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 49D3 4 MB
4 MB 12ms
6ms Media
video/mp4 2404:6800:4003:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:8::7 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f9e0d59eb46aea74c0a22ed837d86a54f9db67c28d354c03fcc29c169efe8e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 20 Nov 2023 08:36:19 GMT
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4291236/4291237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4291237
last-modified: Wed, 01 Nov 2023 08:01:46 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 08:36:19 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
45 B 254ms
60ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lp6nkat1&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2087&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.n3~videopreviewvisible.r6&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AC1 0
20 B 64ms
64ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvF_ggxpbZZuBBJL8owPvnYfgDwAAAAA4AeAEAg&bg=!U1ClUB_NAAZxrfrxUa07ADQBe5WfOKtB1Kh3gCGj5beencKglPGYs8HnXP640VpSO-NMAdtTHq--45zBXcrqGK4pXSPjAgAAASJSAAAABGgBB5kC1hzfDYXp9Gg8BvFambqfOfiLzX1sFS0ezoAA9Ln5-pJQK3jLg9a3sYh9e2ST6QoKd_6QOf33h8VrjO0Bz7t0MxLk5xeA1PP6x9SVIPMQnvHUXTZ6sFPPWtQB4YWmRS8TTG2UJzCcm2qD1eBDCoItOevKnlbs6-hMEyoARNDQjNiQwZqzuDFbeXLKF2Ry_MHrFEeth9S9C1M64fW9cWEtzxbhyFVveJzvldS-8uP5KJkypzLvXvVgn7laM1ZERQNhtAyFBxhaZPeTXtAsgLGmsLivoBPRNYkhmODMZHKZcmvzRa-LZeMDTCPei2MkDg3MXLJ7GUSWZFoLjO73qePiUbIEwnYVGb0oho9kdU-Bsy2wEN7872ZRep8iyheun0w7MEL2l8cnyNUDnV6wAXrz-z-z2jjkqNUiks-0aJcrjIeFiyI_ZlkGt8vhOpidTPntcd2dm_n6jh1craCS8-Gad7d-27Yp_OpmPeHmMJ8cbz8XU6785DvwZXcyDzUd0c5O71ZQzCBec6Rq-rqlynO76qmWxRr6BXuN_-rQE4uRDDQssTVAnGyDBLramhAryIbw6nq4CBz7SEBDQXXzTnv4SBGW7gokx8lcUKLAeY_iAW0xHmbQf_CGA_SaDY1xfaqXvKwYNBVX3oANuW7alfuAD7eUko3BwdSY8xsVj8DZ2frpfg3w_uQyZrhsrN1ljz5UojOf3a2aQasYWOV-zgJT3BMRevvmxXhvd3GJph6QJL7HySqb6hUt5CRA-XkC4ZkBYYvASr7WXzBMMfmFiAlwHSOITO8f6Pwbx90RkOmo6dCxDN0ZRUtG99ScLHGSlWqMAkQOOx1dYgfCTgA0YK8UOV7P5igOQFuPOnxIdzU-Hybj6BZ0pMgbqczaAyEi0zpMhz_bDvckcxDKeDLT-2Ef7nM_Nt6pTsOyROK9LnqcNn6dUDdQrLSbdtvXxctVaAR5ePowPyBpng

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BE2 13 KB
5 KB 9ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 3287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 07:41:32 GMT
expires: Tue, 19 Nov 2024 07:41:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97A2 829 B
561 B 21ms
19ms Document
text/html 2404:6800:4003:c03::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::93 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd9e2666f2e5c88b4ccee9b5e6bdadb830b952bc26f42843da123c84e14125ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oXiZbK_YhFVf2hxsZBLqrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hafizrahim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oXiZbK_YhFVf2hxsZBLqrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 08:36:19 GMT
expires: Mon, 20 Nov 2023 08:36:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dc_oe=ChMItuPRipbSggMVwVKdCR0VAAS6EAAYACCz0rthQhMIvZejipbSggMVBUxoCh1FogIO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 49D3 42 B
401 B 87ms
56ms Image
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItuPRipbSggMVwVKdCR0VAAS6EAAYACCz0rthQhMIvZejipbSggMVBUxoCh1FogIO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1700469380036;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 49D3 42 B
64 B 63ms
57ms Image
image/gif 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9_r2ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwHIA5sEqgSQAk_Qsa64kqS-CE22RJJLbYSU-w2XlunwfmZ8p78L7LoXP7J7od61XrUDO_gj924ZxTjsjF9gPuTAc-fESMDOKoN2-o3gQRjCzvasuMgdU0tiR50ws_NdiSOe5FJitQsM7YsHlxfUWm-uUL-SobrkySG_mZI3gGFHK59q1-4nerCoFm_5OrOtQiPFMhpcpnEExvw00OGCbUAW-nqSMFon2dwCkGnFFXr4nN4kBrdmilH95mbGzpKPDXsGcwuT_1miud1ajVIjiZdZAUlgTMQNluuuA2F4uGUg-9yFVta3o2uk5xsZMe-F15NHP0Kwk2MjtPOKryZy6Iqga8lmnAsjBNXXTaHEcRISX0WJAMpjzXiZwASezZP3twTgBAOIBfbzmpxNkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJTR7ATnqeyFdATANgTA4gUA9gUAdAVAfgWAYAXAQ&sigh=EXm9PuD_IwU&label=part2viewed&ad_mt=16&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1700469380036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 49D3 0
557 B 91ms
64ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9eoSabIui62DKId35ChUIves1N2nB4REL1VDL5wwbL6Caq4hmBmtEQg5-ooxRI0tKVJ2nai34M77l2-C-YfF3K0IOMnVUp7LsiRrmAxXsdCgKal14oj7bVfQ-uW2OnFX_Hv6ZpVl56URVrW4Oa7Vff0yLgPM8034mJ6YtoRzzsQ26A286D7GhzfgOLjH51wAoaxgVmYqvle4Ayq3aGybn8d50GD4cL8RJ83Tdmzp1D_S9qYj-KnHmQoXTxKxMB2bYhRTioQDfSLY_V_x3NUAOu4H_UE4IL3WatbErMkOwgzmhUHn5p5gpRthw4gfLtAtiwJxWFehhX1VJcZgdjI8ZYBnBMUonF1Yl8MKNTR0jztTN6WyB0gisSPTDkF9Rz9nO9oLXiPkuMycD6dWOx-GojiSqCt1v-RKVIm7aVG-47-A1FnOlM8C8MAJ7Yz2apGDquTO0XcPkleMJtiIdo4doKk5D-VlEygFxgIL8UAElav1Dd3YQgvnJw1JLUyIygnYrMAeFEnauXBcOXk31vjBc2x_lLsoJNjORtstg7YLByBTSeD4WZIyJoCEN4IHlaw8g3-mjOQKUKeFm7OnKZhqs4MWcwhODKim7Dw4uOBl4j4urug1S8KQwUzh_tlfcEwymB88kHmNXgIv3OlCqS8wfl1NDBejGc0bCgv-RhidXn09oB_X7aKb69CltHPTicqguPAsoJjLb7hFf106aSffdIOMHgdC4KxnuEi3pTOtO8GdXK4p33iKJkgge0q7qhH5w47FZe21JUFy45oXumD4r4vyitwj3iIguiqEBmBoVsEwrudcOIKztQMPhxjh0n5tXZg4tIj86WyDJkHal-cDYw65jfZurUOmzsJigDCErYY5Gu0XTuLZGQIh1_jzb8qlU9HJBvEsBJ-dwH2ePIB4wIpO1sRXfqHTfGC57_zu-1xv_zyfM_xWeCj_wdJJLkv1CpnhImJ2pYRMVZ71_Mtw7x842sxm9uiRIg8AwaGT5Vbix18-prKQbw9vBsqtRwGL4I3DsnLbMY_sBCaarJv-mi0OXPNTN9VKl6jgl_YMB8CSEVxARaPn2mEe2mmTMi_ije1ESHKX4FjFeb_a0blh0Lb50dARWXPW-J-kHinN6q-JVw_jlOyjP5CYbWxUqXbBVnQauLN69Ge7rR43SQaGw4PQIZkPoy2jQ49-GwJqXhckO--3j0zvUOOF4AA3ijp5y-WrTV-Nt2GOGhaHpwAE_Mjp6m3IFLUg8ny7-V18z4yeSQnrZeWntjjd7lMvw1uIGz2yDZinAfRPbx7TtInRifNdAfahXAFukWuFzs-Jb2SSk2lWV2X7e6RCnr3aS0xwYTuBzDENetulMnp-65E1sEgc&sai=AMfl-YTwsSZJJFxUCq9Dc5oWoegu7Ao0udJaKmVjlQMP9Utm-zTKipBHZPKsQpHjyj3qehls8J_cv5y3F-sEKi0bJbrsqrO4UkHPHxg4IZ4D1fPlW4YAfg2-6HE67187McVFuhvfBNuT6txy4L3T7jXh0jlZcwzRj2tOCp43Cj3wc_tVl10U8TTc4lUMGr9zBwDMMLMXXpFnPTv_EY7yJaJodzOIbWqwYkriXeV1XqESH6qYx5bkvEggOx5C6kcosAY2jDKu_CJ8Mnr3lrwd-6-pQWrbyNL6xA&sig=Cg0ArKJSzLOSfIagUu_oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

B30929751.379602284;dc_pre=CPfC5oqW0oIDFQmJZgId5E0HUw;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/ Frame 49D3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_pre=CPfC5oqW0oIDFQmJZgId5E0HUw;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdi...

42 B
63 B

19ms
19ms

Image
image/gif

172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_pre=CPfC5oqW0oIDFQmJZgId5E0HUw;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Protocol

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30929751.379602284;dc_pre=CPfC5oqW0oIDFQmJZgId5E0HUw;dc_trk_aid=570665779;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 49D3
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGLGVyfwBIAEwAQ&v=APEucNWgEWyzfeVXAyI1bIoOthJNCcpt7dRi_-fb-THz1wcSNFexjXSWdt2Bm9ZbXlsjGd5RRHGnCY90T6vUGyqgKQ5zrEvBFNLqMVV1XqjQwQkA84Bzsns
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVsag6.uDLiZIGa.ngAShQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1CZkD6-oTY_Ad_KXdBm-Y&google_cver=1&google_hm=2

43 B
729 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1CZkD6-oTY_Ad_KXdBm-Y&google_cver=1&google_hm=2
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmILMWp6LnqkbDgcEjzLR8S4aUsRpYAXwBjLWwcYhpNuUnqJDssy2gJoQMrD51IuhqVfalzoFIo0sB%2FBynDXlaYIoj5LE0curGJQHfXb4ZW30eaguji7RCTeTrqZbNCSLQIPWj8E4CAmCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 828f5d59cc45564c-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1CZkD6-oTY_Ad_KXdBm-Y&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49D3 0
20 B 58ms
54ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 49D3 42 B
64 B 60ms
56ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst12TvlpL3VCKGT3-kDChTc5-hrlJbC8XcjZQt_nSV0lfe2ptPfClMWUCxCXAI6tGhX1a319cy-2Mzlr7Z6H9qfsncvMcacuaf6YrZoA5XzLpSlzkBNkp4xzY2WecDHMJPHLRZqhjMahw&sai=AMfl-YQZCf39yqVpBmhLm8BVyP9_8VM-1_YSK2x3TRnXl6ZxfAvZuiP6-KOJkB21b3Kci7e1ejFwXD0H1rKF2nV3_BrNdp3gkJ21Kgznexcj3mLbkketZIJp7Msw-_E&sig=Cg0ArKJSzOFQMBMfFBHCEAE&cid=CAQSOwDICaaNlwOHNpdXEQPdMUXhd4PLSqfSEVjoV5X9Z1bqyl0PjQkMnUpIFghmXYxeuI2UuPcNUZtYLYaxGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1700469380036&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 49D3 42 B
64 B 62ms
58ms Image
image/gif 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9_r2ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwHIA5sEqgSQAk_Qsa64kqS-CE22RJJLbYSU-w2XlunwfmZ8p78L7LoXP7J7od61XrUDO_gj924ZxTjsjF9gPuTAc-fESMDOKoN2-o3gQRjCzvasuMgdU0tiR50ws_NdiSOe5FJitQsM7YsHlxfUWm-uUL-SobrkySG_mZI3gGFHK59q1-4nerCoFm_5OrOtQiPFMhpcpnEExvw00OGCbUAW-nqSMFon2dwCkGnFFXr4nN4kBrdmilH95mbGzpKPDXsGcwuT_1miud1ajVIjiZdZAUlgTMQNluuuA2F4uGUg-9yFVta3o2uk5xsZMe-F15NHP0Kwk2MjtPOKryZy6Iqga8lmnAsjBNXXTaHEcRISX0WJAMpjzXiZwASezZP3twTgBAOIBfbzmpxNkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJTR7ATnqeyFdATANgTA4gUA9gUAdAVAfgWAYAXAQ&sigh=EXm9PuD_IwU&label=vast_creativeview&ad_mt=16&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D15%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1700469380036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
234 B 112ms
58ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lp6nkax8&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2087&mt=video%2Fmp4&vs=1024x576&dm=15000&event_name=first_play&asset_bytes=199846&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.ui~ff.ux~videopreviewstarted.uz
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97A2 0
0 63ms
63ms Image
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4251035163134571&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BE2 39 KB
15 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 08:07:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 255D 0
20 B 56ms
55ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BjEK1gxpbZfaVLMGl9fwPlYCQ0AsAAAAAOAHgBAI&bg=!TU6lTgHNAAZxrfrxUa07ADQBe5WfOE3wAt0K8zxbPv2YqtByH5Aqyk7eD8DIeg2x5A3yQYRtuCdXAVEd2xoikUl56ADjAgAAAW5SAAAABGgBB5kC1ryHhSp6EVJtYmh3fWVw7raaDJ9he89zmvcfYZw__i9ygAlvWc4s0bz38MmIHwwo4XWEawESMFqpEmaqyJWACgN7e5xcUiO1nml-jYHCIxhMNZ-VeLoGItVsIayfbT1_Ma0KAN82BHYi1ErrI6ODr7YDN4Nf-TG33BDymwaYN-DsgJbkMlFwj9f0x-1P0AlBJzuscDcKYCjx5o0iPqtj40hnDktmKkOsZZlZ77htcQCg5Z_rQiFAxDXT8fAgWqTrxaT-xMUQqLrI0JPhd2kWE5YVjWa74E80que4y_XrSbOdxSpPpnTtUB22ET-CXwX3-5dW2Qcf52rCwRz26izC8MafV35lQSP5hBT1_CNlBEtgm2tqIHiMbyFJxVT74GoJeSGbz8okcc0l6Q2o9dQyaMQbvfwtgf85gvvsywGa4YUozGWmv55Rp4zmqpclziRiXkV3MvuXdK4gwZIpj8s9dsbFIjctpj_t_ccjq7rKR52PXobJSThuEESBP_-MIBriDc3z34rkHbdGLPj8F1VJZZUHyF82PTLkGSEyFzGoBFUUxGkGkarC-sVoF_iiFKcihNfs4JysMY5M91xyLj_Ss35pMjrn1eW8R75p5KjTta0A_rELZ4eOX_VDQpE52dj0ZSE2o-q9UyJDBRdX89hmre6qdck_Te6wI3J2-XGCmEV9LdlonMV-IDKkZMzSneW4IRnr46jQyOB77yqKesCZYE_X3ZFx7IiUuHEcdXFdMlfXAacohiiDQ1aiKX4RVQVjYnXcIgh4gG5-HOea5Mn2Xl74uCMKUyC6KNDtbh21JWuAKL_g0N4d8J0RRiObvN3c5ng9sSRjWMfshniF2JPGP0O1O2fZOzHfKWUOFWSLTfJbSzXhEFc5sVaf8wtYqnoCeWC0BljtUQC0SUKIXk_ZmT4gftKKrcrJEVheTOKOOhpFA7WA1FTfC3Guc3TSNhgOzQGdU0X6eg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2BE2 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3lIB9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4251035163134571&bg=!Dg2lDULNAAZxrfrxUa07ADQBe5WfOLLGlXRVj3bOYzgyaNnPTY-lnZH_hbMefajwVsOv7IOiCCy8SIEMoVKNff5WA3PiAgAAAJVSAAAABGgBB5kCxXml3O6Mu310Wz7o5QnrY-9UWQP_0wo_D-HLZiEPRWb99gQK9J5d2R1zQH135sxd2210Mg-7metmFJB5g3Ss9cyPdWFCr3kv5Jz3eut0kw7x_dN3AYG6mOO8_8cvw8wpItKhl8-3IL4ITpyetxHNXS6hMeyqB1Cjx8PLaZqpPtjQtSQZIng1WczRtGi0VOoWUWXpSSJWf9apO813PCeTJxU-vw4hnWwnops-x30rPKUPFTvLkxm7uUJscPYRHhgtEVBzdIAvR6qO-4-AT2k2PTWwzhZpJVAOyTXGnMj53ndgS7_poKny--p0ShfP3r0vwkVFZJnUviMMxyPnraUANsikKZNUvl7y-eK7lB_UrQBAaxXZ-qYIiz4abVSripjvcj-AZYIgyegX7MmnfX2L3cMnyNH6R4HcsMeY2aYdoWL6crp_QT4OPv5eAIn6u3tbQsJvi0YQGfrV4Tz_9fJgAoKifNuRC7tqYpzrRIQ5OW1mC5_tiT413CHhwQ88tvwpnCmxaWHY_-pJsQ492u0ySC7NyRZComHIvhTxVdqjxujAjTyVODEfQvTj2MU7S5zu1khkDULbx8no2rpUbPLzXBOnma0UwX32XZzO668zdt62kwaLOl5pRkOvXqG62dH9xRJrUgBiby4fXA4E5kzeTRJja0b814othLHZ5CR8YLs-dQNs2YbuiarJXm5Dr1rD2P_qulVnPW1MURYmpj35QdsF7AL4Ns-p2HMn11jQDcq9s4HCyDg7mRRO7FMWS7m3U9yuHKdettIR7CBvqwRu17ljOpDtwbeycLZOzIKIya06VoBvTaSr25CFEmAZ7TT8Urfc167LATQrWMkVH2AlHQtjHjXvQpVlHKab0MjVy2yIj3gn6oqDAqA7bZes9eiuWlY0gdfA2rkvx8gkk1YY9y_qjoMInHvR8nuj3GNd8cvHz1bDd3E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

OPTIONS
H2 204 services
sumome.com/ Frame 0
0 328ms
327ms Preflight 52.25.145.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/services
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.25.145.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-145-156.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: POST
Origin: https://hafizrahim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://hafizrahim.com
access-control-max-age: 2592000
date: Mon, 20 Nov 2023 08:36:21 GMT
server: nginx/1.21.5

POST
H2 200 services Show response
sumome.com/ 205 B
625 B 340ms
339ms XHR
application/json 52.25.145.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/70.ce9d3b69dd1815269e54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.25.145.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-145-156.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: Y4kDW7DpPd7heOAHb2LJxao3
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hafizrahim.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-length: 205

POST
H2 204 csi
csi.gstatic.com/ Frame 49D3 0
54 B 59ms
58ms Ping
image/gif 142.251.43.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lp6nkb11&c=6824328361257&slotId=3412164180628.5&qqid=CL2Xo4qW0oIDFQVMaAodRaICDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2087&mt=video%2Fmp4&vs=1024x576&dm=15000&met.4=vfl.zt
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.43.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tsa03s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 95 KB
33 KB 5ms
4ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/6.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 21b4b5ff7892c77646bc393bfc752994256c973b941efa1aec36293a69fd2f44

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCGWA3ZMRE3F3SN
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: sxnu+7oMAnkcIqyFWMI9lLmtaMFiEcsIh8CVpAli+urv5TNoFFQUsyiGoOBS+m5v1qtgfGrEqVA=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6f4c087b28164d947a47fb62257f909e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: e00c54c2bcfc4812ee0be5b7ddcf8801
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 5 KB
3 KB 6ms
5ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/7.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: b9e78be0f5224e190705834d95672a44d55bc8f81a20c4f1c5d00d0a5aacd4d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCP1W25BAY744JJ
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: r9y3l3uKlzdl0ljYh8OF+I70J1tal28+pzKPLfggfKLPZJYQJpJtm/9LvGzp0jI1GxWZ6gHdNk0=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a862561e5de97b31ada3930894ce0b62"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 7b9c85ad96c896dcf6ee220d8409d856
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 3 KB
2 KB 14ms
14ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/3.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: e833b1b7985a4d05ae0fc5e7a9414f3faf83686d39113ebcf7caf305e7950aaa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCSKB62TESTKGS8
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: rLKkERP32VobiA+URHAmMqswM8+MEkt56HT7Bclszf0F0fxyKh9HHgkqHXtUshIrrHP43kxfe1U=
last-modified: Wed, 15 Nov 2023 23:55:49 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"9d03ccd6006f71971d8f911341c7a65a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: db70b791e19f2ad66d059f5bddf41a94
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 11 KB
5 KB 17ms
16ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/9.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 49effd3bbbb1dddb200fbd1272f0e7df5af38625de89f6c8c1f226013ec477e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCZ3DKC3PBQQ57K
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: UDLfZvPUE9Lrq5fxEJsQuilz/cKchZ2NFmepxvU7u8CYbQsyLX6L5hapfmRRtkySG9Colf7rpjM=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"568694d3b0dc7e18e01f77ae4d9fac05"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 0a0302839d9a7c525e1327caba4bda2f
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 393 KB
112 KB 5ms
5ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/22.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 33a08de9d079cc66b081d02be5d55bec5c60fe10820447395e62e01192bfbd59

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCV517MFECK8NRA
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: eFJHqh8GU5v/3eCv+IRBRlytVyWOxDI9edJxRupndrdfzYDu7U4b0oZtOkEhOYKO1WBKJa5cUcc=
last-modified: Wed, 15 Nov 2023 23:55:49 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"9b6511a589c2f43e688980efb584067e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 0cd266a24e99ae935868fabffe08d628
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 175 KB
51 KB 10ms
9ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/21.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: e0e14a820179ab3f4037ececb74d17682f3f2620e0735c36a5c3514cc8fb2fd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCMK9Y27ZZZX02P
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: Gn/x1Q81AXwYYV3gZLQfEByWzZjNJ5DpH0NxYpUmbCXaQZn/U1tlD6ftgssgk+Pmdsu+Fn+PMp0=
last-modified: Wed, 15 Nov 2023 23:55:49 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"37c125ef38c68c4f7f098147ced4e3f9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: a810a4a9e5b557911fb79a4de306cd7e
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 61.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 1 KB
1 KB 14ms
12ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/61.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 69f9428765c7ac3712c90f3cfaf6c90ec88bf004f8fffed0c7053dc06a51c1e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: ZPCRAMWMWBW7FSY5
cdn-cachedat: 11/16/2023 00:08:39
cdn-pullzone: 1686293
x-amz-id-2: JIQSDnqk9nj7Dpp7KZ1wNdBfHkx1rBzfMHXEPxAb3tPW+Z43ivYSt2w6iO9Vd1XPwwqUo6uv6QI=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2d5836393d95526fe01eb99280bdc77b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 7bb8eff057b2ca6e35943edc87d258f0
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 5 KB
3 KB 12ms
11ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/0.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: aa306e3f9d8088342bd9b2782ae2d5aec86d705fbe6582d7f162f7258672fbef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: TXZB8EM6SFJGGRZR
cdn-cachedat: 11/16/2023 00:08:42
cdn-pullzone: 1686293
x-amz-id-2: KrhNPM3ZM/Ck8RnKtPFS8UulMLr0focFti621UgN4wxXO5p/T5RFVFmd3j4zEpA4a6XuQjORXi4=
last-modified: Wed, 15 Nov 2023 23:55:49 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"83819fa0ff76bb1a8c38339998b60f70"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: f807c4c3a9fa5fe0bdce4f000ed027f6
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 94.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 1 MB
79 KB 4ms
4ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/94.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: ea05ad76e8d224961ca5fd4a3b7d0d00eb2c2322346ce81bc0c0112beb001594

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: TXZC24K9PN0HTKRF
cdn-cachedat: 11/16/2023 00:08:42
cdn-pullzone: 1686293
x-amz-id-2: Jz6Oix++TTrZxpNcu7lpP7CA9u6kR6W7XUTMj/sUl9Q0gA28GLGm10RfrXK3Dxe+ZT2gDfEeSTQ=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2c1c97212628e38c04a9bdc6a6d98c26"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: a5c0d841851d75cf86de4ed7aaa68bde
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.ce9d3b69dd1815269e54.js Show response
load.sumome.com/ 221 B
763 B 11ms
11ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/96.ce9d3b69dd1815269e54.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: 3cfb3d15a79010b9427845e8f3f1ac5b740ff60f7c0f28d241420fad9275d51a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: br
cdn-edgestorageid: 868
x-amz-request-id: TXZ9P9ZR2PA7XE04
cdn-cachedat: 11/16/2023 00:08:42
cdn-pullzone: 1686293
x-amz-id-2: Hi7LV8Yazc1xKunNSNotHvy5u7NobJV+34lNFM+gBBY8KzfZmTH9h49FJLHN7hqN1cszL6ZjOs8=
last-modified: Wed, 15 Nov 2023 23:55:50 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3a6030bbbfe46a13e32a2bd0a3c25620"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: public, max-age=2592000
cdn-requestid: 34bbeccdf4b1565df91cb6666cffef82
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 32 KB
1 KB 7ms
6ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://hafizrahim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 08:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 08:32:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 08:36:21 GMT

OPTIONS
H2 204 features
sumome.com/api/site/0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db/ Frame 0
0 323ms
323ms Preflight 52.25.145.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db/features?site_id=0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.25.145.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-145-156.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://hafizrahim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://hafizrahim.com
access-control-max-age: 2592000
date: Mon, 20 Nov 2023 08:36:21 GMT
server: nginx/1.21.5

GET
H2 200 features Show response
sumome.com/api/site/0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db/ 3 KB
1 KB 335ms
335ms XHR
application/json 52.25.145.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db/features?site_id=0d23ade83c3c09cd997d8f1f20db778b9b192e53de0db0d0c0cfcf0bf4be17db

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/70.ce9d3b69dd1815269e54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.25.145.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-145-156.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Sumo-Auth: Y4kDW7DpPd7heOAHb2LJxao3

Response headers

date: Mon, 20 Nov 2023 08:36:22 GMT
content-encoding: gzip
server: nginx/1.21.5
etag: "-362431178"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hafizrahim.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 49D3 42 B
64 B 62ms
62ms Image
image/gif 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst12TvlpL3VCKGT3-kDChTc5-hrlJbC8XcjZQt_nSV0lfe2ptPfClMWUCxCXAI6tGhX1a319cy-2Mzlr7Z6H9qfsncvMcacuaf6YrZoA5XzLpSlzkBNkp4xzY2WecDHMJPHLRZqhjMahw&sai=AMfl-YQZCf39yqVpBmhLm8BVyP9_8VM-1_YSK2x3TRnXl6ZxfAvZuiP6-KOJkB21b3Kci7e1ejFwXD0H1rKF2nV3_BrNdp3gkJ21Kgznexcj3mLbkketZIJp7Msw-_E&sig=Cg0ArKJSzOFQMBMfFBHCEAE&cid=CAQSOwDICaaNlwOHNpdXEQPdMUXhd4PLSqfSEVjoV5X9Z1bqyl0PjQkMnUpIFghmXYxeuI2UuPcNUZtYLYaxGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,163,119,372%26tos%3D1667,401,0,0,0%26mtos%3D1667,2068,2068,2068,2068%26amtos%3D0,0,0,0,0%26mcvt%3D2068%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2260%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D27%26pst%3D216%26dur%3D15018%26vmtime%3D2279%26dtos%3D2068%26dtoss%3D1%26dvs%3D2068%26dfvs%3D1667%26dvpt%3D2260%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2068&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1700469380036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItuPRipbSggMVwVKdCR0VAAS6EAAYACCz0rthQhMIvZejipbSggMVBUxoCh1FogIO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,163,119,372%26tos%3D3309,401,0,...
ade.googlesyndication.com/ddm/activity/ Frame 49D3 42 B
107 B 58ms
57ms Image
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItuPRipbSggMVwVKdCR0VAAS6EAAYACCz0rthQhMIvZejipbSggMVBUxoCh1FogIO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,163,119,372%26tos%3D3309,401,0,0,0%26mtos%3D3309,3710,3710,3710,3710%26amtos%3D0,0,0,0,0%26mcvt%3D3710%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3902%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D31%26pst%3D216%26dur%3D15018%26vmtime%3D3924%26dtos%3D1642%26dtoss%3D2%26dvs%3D1642%26dfvs%3D1642%26dvpt%3D1642%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777216%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3309,3710,3710,3710,3710%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3710;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1700469380036;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 49D3 42 B
64 B 57ms
56ms Image
image/gif 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9_r2ghpbZb3OOoWYoQPFxIpwiMm3p3T-6smV7BH3t77PiAoQASCkiLYNYL8FoAHaoJb5AsgBBakCCNxJB3b5qD6oAwHIA5sEqgSQAk_Qsa64kqS-CE22RJJLbYSU-w2XlunwfmZ8p78L7LoXP7J7od61XrUDO_gj924ZxTjsjF9gPuTAc-fESMDOKoN2-o3gQRjCzvasuMgdU0tiR50ws_NdiSOe5FJitQsM7YsHlxfUWm-uUL-SobrkySG_mZI3gGFHK59q1-4nerCoFm_5OrOtQiPFMhpcpnEExvw00OGCbUAW-nqSMFon2dwCkGnFFXr4nN4kBrdmilH95mbGzpKPDXsGcwuT_1miud1ajVIjiZdZAUlgTMQNluuuA2F4uGUg-9yFVta3o2uk5xsZMe-F15NHP0Kwk2MjtPOKryZy6Iqga8lmnAsjBNXXTaHEcRISX0WJAMpjzXiZwASezZP3twTgBAOIBfbzmpxNkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJTR7ATnqeyFdATANgTA4gUA9gUAdAVAfgWAYAXAQ&sigh=EXm9PuD_IwU&label=videoplaytime25&ad_mt=3924&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,163,119,372%26tos%3D3309,401,0,0,0%26mtos%3D3309,3710,3710,3710,3710%26amtos%3D0,0,0,0,0%26mcvt%3D3710%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3902%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D31%26pst%3D216%26dur%3D15018%26vmtime%3D3924%26dtos%3D1642%26dtoss%3D2%26dvs%3D1642%26dfvs%3D1642%26dvpt%3D1642%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777216%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3309,3710,3710,3710,3710%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D948520837%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3710&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1700469380036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 5ms
5ms Ping
text/plain 2404:6800:4003:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3XF4Q7PP3G&gtm=45je3b81v890531420&_p=1700469378197&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1679573734.1700469379&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700469378&sct=1&seg=1&dl=https%3A%2F%2Fhafizrahim.com%2F&dt=Hafiz%20Rahim%20-%20Malaysia%20Lifestyle%20Blogger&_s=3&tfd=6472
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XF4Q7PP3G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hafizrahim.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 08:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hafizrahim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 01:57:09	Name: demandSupplyTi Value: f8ee2ba0-425e-4754-896b-13433052543b
.demand.supply/	1970-01-20 16:21:11	Name: __cf_bm Value: Kf2gjILhrW6aymyyyJXOlfSVSLD6yD_aWvzH4R0bV98-1700469378-0-AQRIFLc2NAMAoRhXFNpu24WAhz4uILi7hAww+xrmuWWYOfSbiNwCyFI18yCdBsQdinhvkmP/RcTyhUKsbvjAEyY=
.hafizrahim.com/	1970-01-20 18:30:45	Name: _gcl_au Value: 1.1.60695885.1700469379
hafizrahim.com/	1970-01-20 17:04:21	Name: __smVID Value: 328b89cb4f2136c5cfc01b64fa819ef44f47c6f4d72eecc5bf02c04e49342442
.hafizrahim.com/	1970-01-21 01:57:09	Name: _ga Value: GA1.2.1679573734.1700469379
.hafizrahim.com/	1970-01-20 16:22:35	Name: _gid Value: GA1.2.1632918807.1700469379
.hafizrahim.com/	1970-01-20 16:21:09	Name: _gat_gtag_UA_41420921_1 Value: 1
.hafizrahim.com/	1970-01-20 16:21:09	Name: _gat_UA-41420921-1 Value: 1
.hafizrahim.com/	1970-01-20 18:30:45	Name: _fbp Value: fb.1.1700469378961.104079825
.hafizrahim.com/	1970-01-21 01:42:45	Name: __gads Value: ID=1670cee69d832ac3:T=1700469379:RT=1700469379:S=ALNI_MbCXqyLj9AKdPenGg4h9FuJ__fuyg
.hafizrahim.com/	1970-01-21 01:42:45	Name: __gpi Value: UID=00000c8f40c44b82:T=1700469379:RT=1700469379:S=ALNI_MYgjcvH_xA9-PGgjXydJFEDWKFTug
.adnxs.com/	1970-01-20 18:30:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc%qKhlJ!@wnfH8K6pQK`!5=E<L5?%K2'rcf/].6FhVrHV2GBVi3@%6F?T<A%VtS<?%nugO%v4VB%nocG*Hr/T
.casalemedia.com/	1970-01-20 18:30:45	Name: CMPS Value: 5028
.adnxs.com/	1970-01-20 18:30:45	Name: uuid2 Value: 6764526666484732010
.casalemedia.com/	1970-01-21 01:06:45	Name: CMID Value: ZVsag6.uDLiZIGa.ngAShQAA
.casalemedia.com/	1970-01-20 18:30:45	Name: CMPRO Value: 4828
.tynt.com/	1970-01-21 01:06:45	Name: uid Value: xJVTDWVbGoMqOAO9NXhz0w==
.tynt.com/	1970-01-20 18:30:45	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1700469379378%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1700469379378%7D%5D
.doubleclick.net/	1970-01-21 01:57:09	Name: IDE Value: AHWqTUk-fzyGD0RYsgGp1lOBveayqknHD4IqRvlQO8GGwAddLuyKuWHLGZievHv4Epo
.quantserve.com/	1970-01-20 18:30:45	Name: d Value: EA4BCQG8KoEA
.quantserve.com/	1970-01-21 01:51:23	Name: mc Value: 655b1a83-7bc47-c30d8-42908
.eyeota.net/	1970-01-21 01:08:11	Name: mako_uid Value: 18bebdf9213-7540000001084678
.eyeota.net/	1970-01-20 16:21:09	Name: SERVERID Value: 18040~DM
.adsrvr.org/	1970-01-21 01:08:11	Name: TDID Value: 6ad193cd-5ea7-467a-b7eb-1b8d41a3199a
.socdm.com/	1970-01-21 01:57:09	Name: SOC Value: ZVsag8Co8XcAAHHjZy8AAAAA
.hafizrahim.com/	1970-01-21 01:57:09	Name: _ga_3XF4Q7PP3G Value: GS1.1.1700469378.1.1.1700469379.0.0.0
.doubleclick.net/	1970-01-20 20:40:21	Name: APC Value: AfxxVi5nik5ibgutH9CEW4MOtTA1VGjmAsai85E4jUUMe8j2Eqb77w
.linkedin.com/	1970-01-21 01:06:45	Name: bcookie Value: "v=2&48a26204-d9ae-4180-8462-79419bcd3aca"
.linkedin.com/	1970-01-20 16:22:35	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3060:u=1:x=1:i=1700469379:t=1700555779:v=2:sig=AQEVdn1SHaNlK9quU6yfUCGADjFGvieU"
.adsrvr.org/	1970-01-21 01:08:11	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIxvir1bnrtDwQBRgFIAIoAjILCLaVhYHQ67Q8EAU4AQ..
.crwdcntrl.net/	1970-01-20 22:49:55	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 22:49:55	Name: _cc_id Value: 20dcbe47efca0cfc961007a3e1e2c20c
.adtdp.com/	1970-01-21 01:57:09	Name: uid Value: AYvr35MFJ5LCBYUKVkQ
.adtdp.com/	1970-01-21 01:57:09	Name: dynid Value: AYvr35MFJ5LCBYUKVkQ
.socdm.com/	1970-01-21 01:57:09	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTcwMDQ2OTM3OX0
.simpli.fi/	1970-01-21 01:08:11	Name: suid Value: 7FE9E968F7B7430D8DE6E5852A23DCD6
.pangle-ads.com/	1970-01-21 01:42:45	Name: _pangle Value: 2YQswteD3Hxws62jM1RK5pT0G9U
.mediago.io/	1970-01-21 01:06:45	Name: __mguid_ Value: 1b7de7e8e7ea9cdd12g3ko00lp6nkb1q
.inmobi.com/	1970-01-20 18:30:45	Name: idsp_c Value: 912635b1-9662-4867-a99f-6b4de7dc218c
.tribalfusion.com/	1970-01-20 18:30:45	Name: ANON_ID Value: a4ntXLSZdIijSTnMSXONpaReOyhuCYb7VoGgN9Zd33xgJMWHbirmHqlL1FMeRlVntSm86MZanEKOVFSYrPjkkTffxiQlZaOx
.bidswitch.net/	1970-01-21 01:06:45	Name: tuuid Value: 5165e9fe-ccb3-440d-bbdf-da145b9cb631
.bidswitch.net/	1970-01-21 01:06:45	Name: c Value: 1700469380
.bidswitch.net/	1970-01-21 01:06:45	Name: tuuid_lu Value: 1700469380
hafizrahim.com/	1970-01-21 01:06:45	Name: __smToken Value: Y4kDW7DpPd7heOAHb2LJxao3
.bidswitch.net/	1970-01-20 16:21:09	Name: google_push Value: AXcoOmSH01Zpj5In97O4zinPDa0b4TrwKLS8h3mF4SU6HZE5fRqIWUw47M4gSQNYOTrSJAveeYnUGLbWgn6M0giCFg-oW7JawJlmpiLCKpdDLNG0T_GkzkXkzvcaNI3i8m4COaJwxol_4Mu3bgH4sDCD2pKN

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hafizrahim.com/ Message: Mixed Content: The page at 'https://hafizrahim.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gbnetwork.my/images/promo/300x250.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hafizrahim.com/(Line 2246) Message: Mixed Content: The page at 'https://hafizrahim.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gbnetwork.my/images/promo/300x250.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ade.googlesyndication.com
analytics.pangle-ads.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn-tc.33across.com
cdn.tynt.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
de.tynt.com
dis.criteo.com
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hafizrahim.com
ib.adnxs.com
ic.tynt.com
imasdk.googleapis.com
live.demand.supply
load.sumo.com
load.sumome.com
match.adsrvr.org
mweb.ck.inmobi.com
pagead2.googlesyndication.com
ps.eyeota.net
px.ads.linkedin.com
r2---sn-npoe7nlz.c.2mdn.net
s.tribalfusion.com
s0.2mdn.net
sc.tynt.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sumome.com
sync-dsp.ad-m.asia
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
www.facebook.com
www.gbnetwork.my
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
103.161.132.8
103.43.90.21
104.18.35.167
124.146.153.152
124.146.153.170
13.224.250.125
13.251.19.153
142.251.10.156
142.251.12.156
142.251.43.3
172.217.194.148
172.217.194.154
172.64.151.101
172.64.153.173
18.141.109.184
182.161.73.146
20.253.86.149
220.150.223.50
23.59.80.144
2400:52e0:1500::868:1
2404:6800:4003:8::7
2404:6800:4003:c00::5f
2404:6800:4003:c00::66
2404:6800:4003:c03::5e
2404:6800:4003:c03::93
2404:6800:4003:c04::5f
2404:6800:4003:c04::84
2404:6800:4003:c05::9c
2404:6800:4003:c0f::8b
2404:6800:4003:c11::9c
2404:6800:4003:c1a::5e
2404:6800:4003:c1a::61
2404:6800:4003:c1a::95
2404:6800:4003:c1c::9c
2606:4700:20::681a:de7
2606:4700::6810:8516
2606:4700::6812:18ad
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
3.113.105.142
3.33.220.150
35.208.249.213
35.213.12.39
35.247.47.28
52.25.145.156
64.233.170.154
67.202.105.34
001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc
003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f
0059cc0dc99ec949c5e71783885efd9fa68efbe68adb1c2ad3575bb809ff314e
0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a
04267038608d360c78254e55ab98e75045067567996e7dc7f1501784718dabbe
0583a425b34153cf9b8fcc2a3c8583a5b1f3e5e2071ab84dcd2530fff3098577
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0680d788f9d9de42544f62b8401729768fded8167eccb3de650a45b89522d973
099e1a6073195722ce0df54d17a68361349d7c273846ea41cce981ad2a23afe8
09d11a0f05391a40f2f4d730c3f4da411f69d749da8f1fa0963d1b7beec60cdc
0b3e890ebf2b7b5cd1e630719222e33544edeff17c722a0d2c70a5a587dfb694
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c612ac6911cda964e552741c615fb346b99f88ae4f752bb2b8741a6223c5a52
0ecdd4dc20b4bd48f33d26dfdfa035df3e6ac30d6b1990cef64b1d8fdd187158
0ed860fa118a699fdb451b9ea4c6fc38f7075c61de67c996c07ca04e086a55f3
1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204
124c834c3652d89f509de3c9af695a662b16deeba4ee6f07e4689ea115e5f46f
143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
198359871a634334d08257078cf84793c289cbb9d8c64c2a4a08251f93f6aa78
1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155
1c2f2b11e27c9280c2953390bb630897f5ef418286ce839e3e951ef633b3b52c
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d7cd98f9628efd7c08bbd85dc79f7cc659d2c8fde8829c37d061c9574400a39
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21b4b5ff7892c77646bc393bfc752994256c973b941efa1aec36293a69fd2f44
26e4e989d1cbb4165fa92b25dac4cb80622873db9261024a02ab37381a8f8e2e
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d3c3f0aef77fb062fdb90f3f9d192658958c5c1608560ecfb62afe5564d932d
2e4fd4a7e8c3d71dc45afe3817f4a837bb6cb4f3a0e2f56778ea17feb9a85c1e
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
32b5dd9da58482f0066f80d7ad189ff3e20f4eb1b9c0de242e26f12e940616b4
33a08de9d079cc66b081d02be5d55bec5c60fe10820447395e62e01192bfbd59
33bc1e4cb0149bcd78b51946dd003707ffa7ecfce57fc898f60a2ca39538cfbf
3a3fcee601e829af094ce197af4a7e839296ac3a944dd8f6673997586c57a385
3af280f0990482b54513814ccd47932b572ac1b38795dee6d7d3f99cde229b5d
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cfb3d15a79010b9427845e8f3f1ac5b740ff60f7c0f28d241420fad9275d51a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4354d085fe7d662098d6cd646600af9fe7ee492622cdce1a64f9ac70b3b799e9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
455eaaa14bd2055b7e4b6b2e8d30afd2d9a6cc103609f1d0826c578e374e93f6
49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c
49effd3bbbb1dddb200fbd1272f0e7df5af38625de89f6c8c1f226013ec477e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd87f4434dcfb2850efaac493330ace60f5f30a114d5ed1300c534b3cacfb03
4d06b180361e164e48f2010723c8844c4d1914e9a91f76e4d0773b49ad836d07
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
512e43cff32041e14e69d9030c2eb73871e61aba905c1968eda47ae0cef9cb7b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ff88bcf73a9a1211529bbab1275b88f0a645549b655fdcec74666feb1aaa3d
59a3f0a7cd6b65c1bcea7ae2b5a9ef5ecb4d90aa44cadf5d4f137049d1fbbe3b
5b41b46b185d0b140a5daaa26e9591411ee794c332e66d7905dfa45485af12d5
5dec29022b9707e60fc422798a13a6e194a6ee2d49398afde6643c8c15e0782e
5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c
60503484012ef4223a65cba598a0b01fa62c2baf01a8468a186d497775c3f041
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79
683b55a6a61d16ee40395cea5a26e8e95c030a2d66cc804ce72f6bc498ac1a94
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69f9428765c7ac3712c90f3cfaf6c90ec88bf004f8fffed0c7053dc06a51c1e1
6afa1887c4a43dc98bc31212f61480320973a2d89b7defb0c6c5988797b9fc1e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6fa044d18d7e8240a2a4438a7f3ff9f3f8ec666af6b89be029c0a1ddd0204836
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
744f1c3ffac03de2b841aba36dbfe51a4f6a3d6ab47cb497bb81cd093ab1b8fa
756336e4fe6f627cf53a0e94f892e8bdb49d3e8abe69f81b668dad2661607096
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
7741a6ac75435b52202e93ffb3f2660ad40bc1a5b52886d2a04d899259eab005
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78e863e1104cbfcfeae39e80380201fcba35f83347db4425a622d47c7c9b94f5
7a0bde1acd31ff832a492f3790d5128d22a1a988e0af81a429e74e2e6ad10e3c
80107f11f8fef70c5d2d2ff48293c1fddc0a7f904b00412d121d717bf454e14b
801d5c66ec9b9f884f5e06dca6d23bec46962c393bc824b41b846c14ccedb2df
80dfd3171ba490ef1db10f44d74f757d0c3f60ca3bad9735c0681886757e0aee
810192633ee89ab22466e2af663b0d02a3a37dd05c3fbad9175d2061a5bbc678
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387cc64ba490dfb6c12e0acbbd7a4511502848e4866e88473b6e673aab92cef
85efaa77cf10441f55e363bfd472294f6a7e7b1b552ea0909bcf0d2af75163d3
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
89644846ac88606cd02587b056a70df72d695d28dc3e0e22899a3c69bc4543d1
8f13c7600f9f1d9e0f396719a3465c24fac9a908cd81cfa2abb2d286b6349c72
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
938bfd6bbb0dfb32aa8eda404686c01a1d331d4b7777778aaa83a8207b0f878b
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9d5c84c2fc14f40ac8a5b55f625454b300ae5c013d67f621e7f0e92016112d34
9e016bbbbe591db632165d4255231af7e360444d9a3663dbb3c4920221f752b3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2552cfab09da1725d0cadf46862d82ac7e36bbc13a8240c3ee309546f193305
a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754
a984b2ac29344e581cdc0597abcbb31087588feec1508f7a15c646cbb6a9c5e5
aa16d61f8f5e504c28450a019c3ead3accb3f1d06cd1d949a5f2a38a2b19518e
aa306e3f9d8088342bd9b2782ae2d5aec86d705fbe6582d7f162f7258672fbef
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c
b09e7f97b4d28cbb8aecdd36823014cbeb127ce4973f3c17408519741ebf8932
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b461395fb8790df4a1668ee57e9ed40e73779a60b03b3c9f109abfc00ad916a2
b76ab1ea6380e17886247e081619141eb105c51d6cd3abdc658e86048b5c2feb
b7b5a2b1e94c762b04132e3f3fb140801e9b9ff55aeba4f1e32152df4e5a43ec
b9ad775b7f6ae624f03e7ef2d9447af9b1fb108637945c19e664a49f5be9f8a2
b9e78be0f5224e190705834d95672a44d55bc8f81a20c4f1c5d00d0a5aacd4d4
bcdcbf0b9a9f51e2347ea4a9b813c7f8a8b07dd341dfb2f42c8352a2d1b563f5
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bee50159a119efd6ac54f209d6a843185a79a3f63c2137ce11fbe7cde27b7f7f
c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2886ec47bcf16bbad2b48028698188bffd56bf59fefeb3b82bfac8a2120afaf
c3dc83cc4fb3fc6535c5e5fb061fc5ea193f7ff61c5e8f539f76c68b42d80a40
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e
c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
ca3db6575ce552baf740c2d5367e61a0a02b956d724e6ad500d01f82382b676a
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb580ab673973a6565101d297f46b401499c99c180020ebaa61462df41da8b24
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbef33084dd0de133e8d0c2d2588eae77f386cb638f443b67640f18e23b0dae0
cf8f10bd933e45c08c4528efb6b831bd3970e130763376577040e0fce3bdb39d
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
d3d236c74facff33fc1302180e76dc2eaaccf3afb578e64af84d6043e285c695
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d86f43523cffc101e85f866b58191b4d106e5650eb2b299b26c43455fa9ed6a0
d96159e5f31f887bf72186ae05a7eda7eeaa85a42696cb5bf7a7053509ef1914
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
e0e14a820179ab3f4037ececb74d17682f3f2620e0735c36a5c3514cc8fb2fd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e673f59c399d0bf47ab75353221bac529c23a56fd799563fb74f0d9c94e9b143
e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b
e833b1b7985a4d05ae0fc5e7a9414f3faf83686d39113ebcf7caf305e7950aaa
ea05ad76e8d224961ca5fd4a3b7d0d00eb2c2322346ce81bc0c0112beb001594
ea06456472c513cb38d8f650d7e79d701db4b9f5612d74249ae67bc3f595205e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f436911f8cf516ba9aa855dfb4abc3661bb2af564904a6171fafb76b367ccaa5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6abddbe5d6b87ebdfc3ef94d51cb72b139804c2ad38ee3ed1aeb591012b5076
f741f7cf065fcc9052719f396b39cf6e5e73ae4f5b70e8d0ee9ab4be12aa654e
f88f6f2e66915f4e309f6d94ae53f62b0017b433efc10060f5b23c621ea46ae6
f9b4f49fb6b76967da374f36b46574c8227e60a1f87a371e6299746856ff1c3e
f9e0d59eb46aea74c0a22ed837d86a54f9db67c28d354c03fcc29c169efe8e8d
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fd9e2666f2e5c88b4ccee9b5e6bdadb830b952bc26f42843da123c84e14125ea
fe848aff7a9258d89d74c0725f024daad6074b5edec17fc28cc496bf5fefdd5b
ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353

hafizrahim.com Open in urlscan Pro 103.161.132.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

90 %HTTPS

45 %IPv6

36 Domains

55 Subdomains

40 IPs

5 Countries

6895 kBTransfer

12557 kBSize

45 Cookies

18 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hafizrahim.com Open in urlscan Pro
103.161.132.8 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

90 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

40
IPs

5
Countries

6895 kB
Transfer

12557 kB
Size

45
Cookies

230 HTTP transactions
7 data transactions