www.thestar.com.my Open in urlscan Pro
65.9.77.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Submission: On June 29 via api (June 29th 2021, 3:44:05 pm UTC) from US

Summary HTTP 757 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 97 IPs in 13 countries across 88 domains to perform 757 HTTP transactions. The main IP is 65.9.77.24, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com.my.
TLS certificate: Issued by Amazon on September 12th 2020. Valid for: a year.

This is the only time www.thestar.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	65.9.77.24 65.9.77.24	16509 (AMAZON-02) (AMAZON-02)
102	13.226.155.128 13.226.155.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
41	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
16	52.219.124.198 52.219.124.198	16509 (AMAZON-02) (AMAZON-02)
4	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
26	65.9.77.61 65.9.77.61	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
8	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:218... 2600:9000:2182:9200:1c:47d:4bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
2	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6 14	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.228.188.75 13.228.188.75	16509 (AMAZON-02) (AMAZON-02)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
1	65.9.79.183 65.9.79.183	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 5	65.9.77.122 65.9.77.122	16509 (AMAZON-02) (AMAZON-02)
1	20.188.98.74 20.188.98.74	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
28	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
15	18.194.149.206 18.194.149.206	16509 (AMAZON-02) (AMAZON-02)
11 11	3.126.158.103 3.126.158.103	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
11 11	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
6 6	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
1	188.65.124.59 188.65.124.59	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	188.65.124.90 188.65.124.90	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.13.131 151.101.13.131	54113 (FASTLY) (FASTLY)
1	35.186.249.84 35.186.249.84	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
37	146.20.128.67 146.20.128.67	27357 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
16 33	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:210... 2600:9000:2104:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
81	146.20.132.47 146.20.132.47	27357 (RACKSPACE) (RACKSPACE)
1	65.9.77.10 65.9.77.10	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	52.19.7.243 52.19.7.243	16509 (AMAZON-02) (AMAZON-02)
1 3	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5 5	213.155.156.180 213.155.156.180	1299 (TELIANET ...) (TELIANET Telia Carrier)
8 10	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	65.9.77.106 65.9.77.106	16509 (AMAZON-02) (AMAZON-02)
2 3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.157.83.29 35.157.83.29	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
2	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	34.107.231.31 34.107.231.31	15169 (GOOGLE) (GOOGLE)
12	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
6	18.235.138.170 18.235.138.170	14618 (AMAZON-AES) (AMAZON-AES)
1 4	18.194.215.242 18.194.215.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:5800:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
38	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 6	52.208.167.91 52.208.167.91	16509 (AMAZON-02) (AMAZON-02)
2 2	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:303... 2606:4700:3039::6815:c036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	87.98.252.5 87.98.252.5	16276 (OVH) (OVH)
2	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3 3	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	51.75.146.162 51.75.146.162	16276 (OVH) (OVH)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.212.126.234 52.212.126.234	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	3.16.237.150 3.16.237.150	16509 (AMAZON-02) (AMAZON-02)
2	35.190.74.49 35.190.74.49	15169 (GOOGLE) (GOOGLE)
1 1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	18.185.202.111 18.185.202.111	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
757	97

9 65.9.77.24 (United States)

ASN16509 (AMAZON-02, US)

www.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

102 13.226.155.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-128.dus51.r.cloudfront.net

cdn.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.219.124.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com

s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 65.9.77.61 (United States)

ASN16509 (AMAZON-02, US)

apicms.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:9200:1c:47d:4bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tw.netcore.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.79.227.76 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.221.15 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.188.75 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com

sites.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.79.183 (United States)

ASN16509 (AMAZON-02, US)

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.77.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.188.98.74 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.vodus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.194.149.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.126.158.103 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-158-103.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 213.19.147.45 (United Kingdom) 11 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.242.197 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.59 (Puteaux, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.90 (Puteaux, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com

api.pxl.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

52a360d4000447a08efd7617080680a9.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)

j93557g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 146.20.128.67 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.217.18.98 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 146.20.132.47 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.10 (United States)

ASN16509 (AMAZON-02, US)

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.7.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.155.156.180 (Sweden) 5 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.6.251 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.83.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-83-29.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.235.138.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

vast.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.215.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:5800:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Schopfheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.208.167.91 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.6.213 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c036 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.252.5 (France) 2 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.227 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.162 (France) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.126.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.16.237.150 (Columbus, United States)

ASN16509 (AMAZON-02, US)

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)

handyfireman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.202.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.106.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
146	lkqd.net ad.lkqd.net v.lkqd.net t.lkqd.net cs.lkqd.net Failed	892 KB
138	thestar.com.my www.thestar.com.my cdn.thestar.com.my apicms.thestar.com.my sites.thestar.com.my	1 MB
66	doubleclick.net 16 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	395 KB
55	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com Failed vid.pubmatic.com aktrack.pubmatic.com	179 KB
41	googlesyndication.com c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com 8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com Failed ade.googlesyndication.com	260 KB
22	adform.net 8 redirects c1.adform.net adx.adform.net	13 KB
17	2mdn.net s0.2mdn.net	567 KB
16	vidoomy.com ads.vidoomy.com a.vidoomy.com	7 KB
16	amazonaws.com s3-ap-southeast-1.amazonaws.com	224 KB
14	adnxs.com 6 redirects ib.adnxs.com secure.adnxs.com	13 KB
13	outbrain.com widgets.outbrain.com amplify.outbrain.com tr.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	91 KB
11	bidswitch.net 11 redirects x.bidswitch.net	4 KB
10	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	240 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	414 KB
10	google.com www.google.com adservice.google.com analytics.google.com	21 KB
9	googletagservices.com www.googletagservices.com	320 KB
7	yahoo.com ups.analytics.yahoo.com Failed pr-bh.ybp.yahoo.com ads-eu.v.ssp.yahoo.com	4 KB
7	1rx.io 7 redirects sync.1rx.io	4 KB
7	facebook.com www.facebook.com	309 B
6	bidr.io 4 redirects match.prod.bidr.io	3 KB
6	advertising.com 3 redirects ads.adaptv.advertising.com pixel.advertising.com	3 KB
6	emxdgt.com vast.emxdgt.com	2 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
6	facebook.net connect.facebook.net	322 KB
6	cxense.com scdn.cxense.com cdn.cxense.com api.cxense.com comcluster.cxense.com	42 KB
5	de17a.com 5 redirects d5p.de17a.com	2 KB
5	openx.net 4 redirects us-u.openx.net rtb.openx.net	1 KB
5	ampproject.org cdn.ampproject.org
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
5	unrulymedia.com 4 redirects video.unrulymedia.com rx-stats3.unrulymedia.com Failed sync.targeting.unrulymedia.com	5 KB
5	google.de adservice.google.de www.google.de	683 B
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	186 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	crazyegg.com script.crazyegg.com	25 KB
4	cloudflare.com cdnjs.cloudflare.com	39 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	60 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	quantserve.com 2 redirects cms.quantserve.com pixel.quantserve.com	1 KB
3	simpli.fi 1 redirects um.simpli.fi	2 KB
3	google-analytics.com www.google-analytics.com	56 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com	937 B
3	addthis.com s7.addthis.com	191 KB
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	handyfireman.com handyfireman.com	651 B
2	gumgum.com 2 redirects rtb.gumgum.com	673 B
2	dotomi.com pubmatic-match.dotomi.com	207 B
2	turn.com 2 redirects ad.turn.com	1 KB
2	taboola.com match.taboola.com Failed trc.taboola.com	569 B
2	contextweb.com 2 redirects bh.contextweb.com	924 B
2	adgrx.com cm.adgrx.com	816 B
2	erne.co 2 redirects green.erne.co	653 B
2	ad4m.at ad4m.at	1 KB
2	loopme.me 2 redirects csync.loopme.me	415 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1002 B
2	criteo.com dis.criteo.com	720 B
2	o2online.de portal.o2online.de	1 KB
2	3lift.com 2 redirects eb2.3lift.com	943 B
2	teads.tv 1 redirects sync.teads.tv	414 B
2	amazon-adsystem.com c.amazon-adsystem.com	36 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	ubembed.com 52a360d4000447a08efd7617080680a9.js.ubembed.com assets.ubembed.com	47 KB
2	stickyadstv.com ads.stickyadstv.com	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1017 B
2	googletagmanager.com www.googletagmanager.com	91 KB
2	dmcdn.net api.dmcdn.net	18 KB
1	playground.xyz ads.playground.xyz Failed	490 B
1	bidtheatre.com match.adsby.bidtheatre.com Failed	550 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	adlooxtracking.com p.adlooxtracking.com	3 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	447 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	455 B
1	smaato.net 1 redirects s.ad.smaato.net	430 B
1	travelaudience.com 1 redirects ads.travelaudience.com	609 B
1	netacuity.com global.cloud.netacuity.com	404 B
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	j93557g.com j93557g.com	30 KB
1	dailymotion.com api.pxl.dailymotion.com	1 KB
1	dm-event.net pebed.dm-event.net	296 B
1	addthisedge.com v1.addthisedge.com	955 B
1	vodus.com api.vodus.com	1 KB
1	moatads.com z.moatads.com	1 KB
1	survicate.com survey.survicate.com	1 KB
1	netcore.co.in tw.netcore.co.in	1 KB
1	jsdelivr.net cdn.jsdelivr.net	31 KB
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	onaudience.com Failed pixel.onaudience.com Failed
757	88

	Domain	Requested by
102	cdn.thestar.com.my	www.thestar.com.my cdn.thestar.com.my ajax.googleapis.com sites.thestar.com.my
81	t.lkqd.net	ad.lkqd.net
37	v.lkqd.net	ad.lkqd.net
33	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com www.thestar.com.my
28	ad.lkqd.net	www.thestar.com.my ad.lkqd.net
26	apicms.thestar.com.my	www.thestar.com.my
24	simage2.pubmatic.com	ads.pubmatic.com
23	securepubads.g.doubleclick.net	www.thestar.com.my securepubads.g.doubleclick.net www.googletagservices.com
18	pagead2.googlesyndication.com	www.googletagservices.com c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net s0.2mdn.net tpc.googlesyndication.com www.thestar.com.my
17	s0.2mdn.net	www.thestar.com.my s0.2mdn.net
16	s3-ap-southeast-1.amazonaws.com	www.thestar.com.my ajax.googleapis.com
15	a.vidoomy.com	www.thestar.com.my ad.lkqd.net
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.thestar.com.my c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
14	image2.pubmatic.com	ads.pubmatic.com
13	ib.adnxs.com	5 redirects cdn.thestar.com.my googleads.g.doubleclick.net vpaid.springserve.com
12	adx.adform.net	ad.lkqd.net
11	x.bidswitch.net	11 redirects
10	c1.adform.net	8 redirects ads.pubmatic.com
9	www.googletagservices.com	securepubads.g.doubleclick.net c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
9	www.thestar.com.my	www.thestar.com.my ajax.googleapis.com
8	images.outbrainimg.com	www.thestar.com.my
7	sync.1rx.io	7 redirects
7	www.facebook.com	connect.facebook.net www.thestar.com.my
6	match.prod.bidr.io	4 redirects ads.pubmatic.com
6	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
6	vast.emxdgt.com	ad.lkqd.net
6	match.adsrvr.org	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	widgets.outbrain.com	www.thestar.com.my widgets.outbrain.com
6	connect.facebook.net	www.thestar.com.my connect.facebook.net
5	d5p.de17a.com	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects www.thestar.com.my widgets.outbrain.com
5	www.google.com	www.thestar.com.my www.gstatic.com www.google.com
4	ade.googlesyndication.com	www.thestar.com.my
4	sync-tm.everesttech.net	4 redirects
4	vpaid.pubmatic.com	vpaid.springserve.com blank
4	ads.adaptv.advertising.com	1 redirects ad.lkqd.net vpaid.springserve.com
4	googleads4.g.doubleclick.net	www.thestar.com.my
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com www.thestar.com.my
4	sync.targeting.unrulymedia.com	4 redirects
4	script.crazyegg.com	www.thestar.com.my script.crazyegg.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	cdnjs.cloudflare.com	www.thestar.com.my
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	ups.analytics.yahoo.com	www.thestar.com.my ads.pubmatic.com
3	um.simpli.fi	1 redirects ads.pubmatic.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	pixel-sync.sitescout.com	3 redirects
3	c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	tr.outbrain.com	amplify.outbrain.com www.thestar.com.my
3	s7.addthis.com	www.thestar.com.my s7.addthis.com
2	pixel.advertising.com	2 redirects
2	ads.avct.cloud	2 redirects
2	handyfireman.com	j93557g.com
2	aktrack.pubmatic.com	www.thestar.com.my
2	vid-io-cle.springserve.com	vpaid.springserve.com
2	vid.pubmatic.com	vpaid.pubmatic.com
2	rtb.gumgum.com	2 redirects
2	pubmatic-match.dotomi.com	ads.pubmatic.com
2	ad.turn.com	2 redirects
2	pixel.quantserve.com	2 redirects
2	bh.contextweb.com	2 redirects
2	s.tribalfusion.com	ads.pubmatic.com
2	a.tribalfusion.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com
2	green.erne.co	2 redirects
2	ad4m.at	ads.pubmatic.com
2	csync.loopme.me	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dis.criteo.com	ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	vpaid.springserve.com	ad.lkqd.net
2	portal.o2online.de	www.thestar.com.my
2	eb2.3lift.com	2 redirects
2	rtb.openx.net	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c.amazon-adsystem.com	www.thestar.com.my c.amazon-adsystem.com
2	www.google.de	www.thestar.com.my
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	sync.search.spotxchange.com	1 redirects www.thestar.com.my
2	ads.stickyadstv.com	www.thestar.com.my ad.lkqd.net
2	ads.betweendigital.com	2 redirects
2	www.googletagmanager.com	www.thestar.com.my www.googletagmanager.com
2	api.cxense.com	cdn.cxense.com ajax.googleapis.com
2	api.dmcdn.net	www.thestar.com.my api.dmcdn.net
2	ajax.googleapis.com	www.thestar.com.my video.unrulymedia.com securepubads.g.doubleclick.net
2	scdn.cxense.com	www.thestar.com.my ajax.googleapis.com
2	fonts.googleapis.com	www.thestar.com.my
1	ads-eu.v.ssp.yahoo.com	1 redirects
1	secure.adnxs.com	1 redirects
1	trc.taboola.com	1 redirects
1	ads.playground.xyz	ads.pubmatic.com
1	match.adsby.bidtheatre.com	ads.pubmatic.com
1	ws.rqtrk.eu	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	p.adlooxtracking.com	www.thestar.com.my
1	ssbsync.smartadserver.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	global.cloud.netacuity.com	www.thestar.com.my
1	assets.ubembed.com	52a360d4000447a08efd7617080680a9.js.ubembed.com
1	static.adsafeprotected.com	www.thestar.com.my
1	j93557g.com	www.thestar.com.my
1	52a360d4000447a08efd7617080680a9.js.ubembed.com	www.googletagmanager.com
1	api.pxl.dailymotion.com	api.dmcdn.net
1	pebed.dm-event.net	api.dmcdn.net
1	comcluster.cxense.com	www.thestar.com.my
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	v1.addthisedge.com	s7.addthis.com
1	api.vodus.com	www.thestar.com.my
1	8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	video.unrulymedia.com	securepubads.g.doubleclick.net video.unrulymedia.com
1	log.outbrainimg.com	widgets.outbrain.com
1	ads.vidoomy.com	securepubads.g.doubleclick.net
1	sites.thestar.com.my	www.thestar.com.my
1	widget-pixels.outbrain.com	www.thestar.com.my
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	z.moatads.com	s7.addthis.com
1	survey.survicate.com	www.thestar.com.my
1	amplify.outbrain.com	www.thestar.com.my
1	cdn.cxense.com	scdn.cxense.com
1	tw.netcore.co.in	www.thestar.com.my
1	cdn.jsdelivr.net	www.thestar.com.my
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	pixel.onaudience.com Failed	ads.pubmatic.com
0	cs.lkqd.net Failed	ad.lkqd.net
0	rx-stats3.unrulymedia.com Failed	www.thestar.com.my
757	138

This site contains links to these domains. Also see Links.

Domain
newsstand.thestar.com.my
www.dimsum.my
www.thestartv.com
mystarjob.com
www.carsifu.my
www.starproperty.my
www.ibilik.my
rage.com.my
www.mstar.com.my
www.kuali.com
www.starcherish.com
www.988.com.my
www.suria.my
mystar.newspaperdirect.com
advertising.thestar.com.my
events.thestar.com.my
perfectlivin.com
www.rage.com.my
starproperty.my
starsearch.thestar.com.my
www.kuntum.com.my
50.thestar.com.my
sso.thestar.com.my
login.thestar.com.my
biz.thestar.com.my
thestarmall.com.my
promocodes.thestar.com.my
www.exportawards.com.my
t.me
bredings-person.com
code41watches.com
misterstocks.com
divorcepayday.com
www.outbrain.com
bookstore.thestar.com.my
starmediagroup.my
www.starmediagroup.my
www.youtube.com
www.instagram.com
twitter.com
www.facebook.com
play.google.com
itunes.apple.com
cdc.hispace.hicloud.com
api.cxense.com

Subject Issuer	Validity	Valid
*.thestar.com.my Amazon	`2020-09-12` - `2021-10-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-27` - `2021-09-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.netcore.co.in GlobalSign RSA OV SSL CA 2018	`2021-03-18` - `2022-02-28`	a year	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.survicate.com Certum Domain Validation CA SHA2	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
api.vodus.com R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
ad.lkqd.net R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2021-06-15` - `2021-09-13`	3 months	crt.sh
api.pxl.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2021-06-24` - `2021-09-22`	3 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
j93557g.com R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.lkqd.net Go Daddy Secure Certificate Authority - G2	`2019-05-13` - `2021-07-12`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.cloud.netacuity.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
handyfireman.com R3	`2021-05-15` - `2021-08-13`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh

This page contains 101 frames:

Primary Page: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Frame ID: 1A78BDDC7D0FA798FB393D2DBEAE8712
Requests: 272 HTTP requests in this frame

Frame: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06FBE5A5F959A4879F793F8F5E844516
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBpDNhNpMb36Hi_Bkh7z6G6WxTxNRc_VKM4wqyo__MzWjEVGErudBhzXeqSbTZIDUmEvG6sEsw5UVPDidzaCQK_AuH9tAl_8xkHSDz9DNgDGy_CA_LtgnNI8oAvS6YE8NK_aW-Aak_XQDVzMoGgaeMSQvCyBjlXDs_LwlCj81kwyThuU9v3Ch9RPGiRdIjCa1mYnCHmvbiJ0FLZKPclNK_r8NkMWrm8vrPXIgaTI_iFI-l-CINCE1ndNKA85VjTljyFGvrz7pV7XNGf3qOEGbcsB3ESPeRHPzRKuWC9KIRhcnHu5x7yhdOgubmXaY8aPbntUuRCF7CvvIvZFk_tuFgBBG2eIP0MkDEWRbI6XIbIHI&sig=Cg0ArKJSzFl6bdq6KP64EAE&urlfix=1&adurl=
Frame ID: 9A58001BB0D9EB8D136BE15512028A28
Requests: 13 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 7ECDD74A15D4CFBA31CFD6A71E22FAB8
Requests: 2 HTTP requests in this frame

Frame: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Frame ID: 808B1759EFE602B235B9FE129B7E9A50
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWBOwYdO7P43mZiK7QQJI7167vAlSnPIrPoCPPG33NSi08fIs2ZLC5E4xatKod9UGf85jNgM-F-uAi6EHb1dXpRfCShRAz1k31y0g_517771iUMHvP0OvTclQGfq0STpabL-3KWHyCw6ZJT7icgkQ4-H-71QgDWdhuwTpahqQN7YXq7bmgxKS9ZwOhdOYPFXNEfqgjUceXrOc_SdTNR4UGxX3RUzK7HVgbl9duNEvF_KVY1k0yRg-m8G4v-NRmiIHeXgddDjBjuHtwHYglTVzDE_V8M13K_-Mb_AfS75NBph1_qgQSahD1JW7gRQqMRxc28XzV9kanhlgYe-2P-9FxoctXmwaeGvNx0RC_n1S_pnIARSn4NPcC1M_Fp--3ZaHhrFK-Gqw8mLNabiC9lAFTAAhqbewtJh6j9LiT5Sae&sig=Cg0ArKJSzAr_H6CmMnd3EAE&urlfix=1&adurl=
Frame ID: E58E309E2F7A07FD449CCCFA869F2213
Requests: 40 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtJW0-8mYV3YYuJ5HXPQL3CZWmMPQRpHhQ_LtYpn6tFg9E1t15Qyt9gfIEmgtGd5AumiP8AnlgnVnHHmQxKY6jAc8so1sX9Mfej971kT9qoJyrZr4yYv4Q7qVC98V_de4IJpfqStwuVIbJibxgcTtrG9sBT2akAqwCNmDFpjVXZjsufzFKND6-E0LGD70sJOl7GCjzHzInJWLxmq0k3rWqvzWkx1WY95TsKLj9lL1Ft5b4Qgpq9D9Df8XN7UUS7GmiFQviymh83xIHNqPKBD_7yVDBfRlqcg9l3ZZ3pGrALn9ghqnzAVbEJwuC2Lp0NhON16J_uAHLrwelC241ffPO10SA2m67VE3Uyrd7aOKA9BQzM9uTFEEBYziLT5-kMxH8PN_ixl26_lDJBLTeDqCcvyEnDGDxrxuA8Jwo&sig=Cg0ArKJSzP-Dhb2N16K-EAE&urlfix=1&adurl=
Frame ID: 86A9EF8E1235F9DF7BD5BED70AB0D75C
Requests: 5 HTTP requests in this frame

Frame: https://8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0406C5C6B236DBEA3817D1249F59C3B8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumPy7cNA1-d6Kf7dqKudiIisPVC-3PoDbBheoV2bLE8X8_uVHOQlB3Yyc4jetR1CsWtqKsl60pwdCBtwyrNL5006QtLfUcJY9-8atiBjTScoDd7vHIDwJbe8SGaIv14T_S2r_-U4iQbwzdt06wtPDLQtkawq6GG4aucAZkY3WxBR7jZgwelIOhZc-4XKIbA_lgdBT3Myzr-GbhxzfuQZoTtZKzCsRnq0fuKHOYoYG3qChNBY0dTkNBktDlvBKbhOEc4BvntnVQTiwjSrOdYjfHc0VefCBZ69_hek8A5KuTk5GyEPySbQ5fHRG0FS2v70mEPa_w1e7AhBt8cVQPP_udS3hJ7QjLFsBNK6KGYHWKpFZNLL6ZHK-TNyLf-dai-bi4Yb1bUayeqp0Ee3ta2v15MP5xElTbnbDakdsazulWWjk&sig=Cg0ArKJSzOLDIdobhIjlEAE&urlfix=1&adurl=
Frame ID: B2EEB9B58197FB2D86552495733DD3CE
Requests: 6 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1708-0-g52a14ef.js
Frame ID: 5EBD9B88467DD42A4441A607B35B8CD2
Requests: 2 HTTP requests in this frame

Frame: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2128111CC61AE23AF649B5A090ACE5F1
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Frame ID: 76F1663181925144C4D6E13E60950D21
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=invisible&cb=ht7eorxf80av
Frame ID: 7E8347B84110BDE0B1F9C94B4E308691
Requests: 7 HTTP requests in this frame

Frame: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE3FBABF8119DC9FBEDAF3285422F3D2
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF7G3yr5B0WsDQh958ZRHcNN074IU7EZR12Sd6InL2l8I9Sac1k4LanY02pIUvY161cM0h-Dqirzgl7sLQFGwJ88-64AWmmNehMJ4g5FtggmAJ4aldSZF0mSqVDC5zftuhFsfZ1DwPtPAf7eZp1B6j2SceI1jNlMgTZT6hnbUMW-JOESdR650hHUvB_jlS7CUO79xbFJ72uYq2ENQav7nJlQM-ORxSv6BGCyX0zTr3PoKwAuI83pinXpOa6BwXkCO1BYMKHXZ8gvXAgnkfSvmR2-aiFewfjBfrOCxa3UWwMqdDLXQKyLjqi-SKcANdVh2n&sig=Cg0ArKJSzJ4LPHylwDmcEAE&urlfix=1&adurl=
Frame ID: E15863F785FFD254076095EA36F0F3AA
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6A9BF6FA3DF5B0181F8AFC6638863D52
Requests: 13 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 23DF239A24E145894C05281FB085FB1C
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 2B0177B97181DF601AFA91689886739E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 5614363C8A313FAC9A6C49335A8D6940
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk
Frame ID: 9A54B7FBE7435B05F19263789BE37A75
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo
Frame ID: 7B2CACE4CA5A1D2D9FF7930D5FF8D894
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 24B7C24C5EBC7955A492B7869FCAAB5D
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6E39133C19C3E8E3408D2B772DA60BF4
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 45E06F9734E319F5DF266AC0F4558953
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A9B957AEAE5FB06620AA1DEFF78A09A7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 3ED83E4279702BA400D87D1E3EAC8B87
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
Frame ID: A34105FF40A5BEADBAB82E21369C878C
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
Frame ID: 79A830985A3EE24D534D849D17CE338A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 825F72A558116F74445FE7A35647F957
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F57DBED08004A4B00FFFAE556102ABD
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7972685BD6110DF277C30E19B6547480
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FAA678A38177F67959863BA57D15CCC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C9A1EB42A2F403D220E682FFD0A4DAA
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E61EDE476E7D85CAC79154431853F5C1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js
Frame ID: D4CB37AFA68143F759FBDF99E0304D5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js
Frame ID: 08D91347E2B5A3F44D9F645673E20B46
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2acede25.js
Frame ID: EAB8DC60A7B49D75540DBBF56293FA8C
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Frame ID: A9A99C82B01502250F59CAC3F0D035C1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A774ABD35230885F0C02FC97643A0035
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
Frame ID: AF123E5BFDF6F0ABA46953621CE16BAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641
Frame ID: B1F707E5D83FB30371CFD425F7B9FB30
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E665AC9D4E292E38E5F956BA70FD6A66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557
Frame ID: 1724F7CA3F3AFD672A857DA93B2B8D98
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: AE6B5DEB59F7B8B9851FA44B0B910B76
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: B5123C447AD639539D32883508E8EDE9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
Frame ID: 62101A416E4670742A02D8BC771B59D2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: C6823869FA3215771266AD77C53225D9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
Frame ID: 41976F8D655E0F2AB1DA2239D52A83BD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 885254323AD6FCE0A3F09465407E32F0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 55D65A214BD51C5A824336E032F081DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219
Frame ID: 609731C285A583EDC29FC7F00E2B75B3
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5136f149-dac3-4d4f-8652-900e931bf380-tuct7d4c526&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: AFD970153084035452F121353A33FCC7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7C875C2B0A0217A3C92CE86B7F515582
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E6E126B0B1395F95D1C6F2ED69D0E802
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 319A26EE8B8C8B6AF97CBA9D123AB803
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 8B9C36E17E0CD730B956A6A31587F2CE
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7502A3FDCB799540A932C53B6AF030B2
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 721EAE0712A3EAE5C33891FFE5BA9D0B
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E23EA42938C0FDCA3E3EA732011AAEE8
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: ABCEC378719DE15472051D8B6E62C660
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2A007E3E38808159FEAB04CA34138969
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E272D86C56E0467BF456A100985ED65E
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B3125CEA99A030EB92B12CC201167C64
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0B9F020F9C40F9432AB43F263772ADF8
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_43841c86.js
Frame ID: 2C67C1AB207ACB700AF23AD939C87E1A
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Frame ID: 6E02EA0DCF0EF7BEF63C895ED4B6E8B2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 25D3950D3ECBB7F1DF59666714246308
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
Frame ID: 7B5EF6B7CB8F28844AED3ED9D398EE87
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892
Frame ID: EE87247D70EFDAEE1733F115D73ADD66
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 54A634CBFEABFAFC1235D61164A939CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335
Frame ID: 08AE5CB0ADAAB2A628301DF92D42850E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 972BB24657EB2342BC8FFBE39A676B28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: ED964649F10C6AFA9FD0BBB946AD7553
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003
Frame ID: 7FBE88A9CA791F72ACE53F34EB9564A9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 7047FDF2D9831B4C80E8126E4D55BC53
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
Frame ID: A5A0BB04C1CD41684FB558FAEFCC48F0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 004B7D21C460F143D8BB3AB90C7CCCCE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AFBC808E0E4EC52BA2EF0DB056440485
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219
Frame ID: 94F52AE4179F8FFB88036D6CFF669145
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 09F88AD441AD855B6C521044A677F122
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 65B0173E7C53321834DD735D509859B3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1A25B250BA9738189CB7161DBD3E33C7
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7EEEC9B269EAAE46BE7E6F5C1A4611C7
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 99CFA56E2D713D221D7081A2FB652024
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A1C2E021B6FE62EB8CF0ADE3AF545A29
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F71A9D5479AABC1C22A256A54D00AD2F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 95150E3B844A98054B4F0B43D0BB1E6E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 280050A71B484AEC857D180A3A522897
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 51E382703A651B7EBBEA72DA6753837F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: BB83A8DEDFB4EAFA93E8F96E2C5E7665
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BBDFD6E6CBC652782E750E071FB938F5
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: AC8CDD59B4E5ADEBD2CE05DA8EFC0C51
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DD770EE6A6A91BD499F2BC39143BD3F6
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 63F2A0E5C61568A2ADFAFB1D282918E2
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: CFC4CD59407CB0BDB7E9CDCB47879D08
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C9FCD0782F3D5C9B8013862C8E62D28E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7EFB53C760DF8ADE40DA6388A870C315
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6C848479167D8554245999AA94232293
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2F53E726A9CA74507AE23D9A40F8E061
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D670BA4B64FCFD36D8A593EE54681961
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 83FC64467072DDD4D58AA5E864DA7491
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

757
Requests

89 %
HTTPS

32 %
IPv6

88
Domains

138
Subdomains

97
IPs

13
Countries

5948 kB
Transfer

17328 kB
Size

0
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://newsstand.thestar.com.my/epaper/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://www.dimsum.my/
Title: dimsum entertainment

Search URL Search Domain Scan URL

URL: https://www.thestartv.com/
Title: TheStarTV.com

Search URL Search Domain Scan URL

URL: http://mystarjob.com/
Title: myStarjob.com

Search URL Search Domain Scan URL

URL: https://www.carsifu.my/
Title: Carsifu

Search URL Search Domain Scan URL

URL: https://www.starproperty.my/
Title: StarProperty

Search URL Search Domain Scan URL

URL: https://www.ibilik.my/
Title: iBilik

Search URL Search Domain Scan URL

URL: http://rage.com.my/
Title: R.AGE

Search URL Search Domain Scan URL

URL: https://www.mstar.com.my/
Title: mStar

Search URL Search Domain Scan URL

URL: https://www.kuali.com/
Title: Kuali

Search URL Search Domain Scan URL

URL: https://newsstand.thestar.com.my/
Title: Newsstand

Search URL Search Domain Scan URL

URL: https://www.starcherish.com/
Title: StarCherish.com

Search URL Search Domain Scan URL

URL: http://www.988.com.my/
Title: 988 FM

Search URL Search Domain Scan URL

URL: https://www.suria.my/
Title: Suria FM

Search URL Search Domain Scan URL

URL: http://mystar.newspaperdirect.com/epaper/viewer.aspx
Title: The Star ePaper

Search URL Search Domain Scan URL

URL: http://advertising.thestar.com.my/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://newsstand.thestar.com.my/epaper
Title: ePaper

Search URL Search Domain Scan URL

URL: https://events.thestar.com.my/
Title: Events

Search URL Search Domain Scan URL

URL: https://perfectlivin.com/home/
Title: Exhibitions

Search URL Search Domain Scan URL

URL: https://www.rage.com.my/
Title: R.AGE

Search URL Search Domain Scan URL

URL: https://starproperty.my/
Title: StarProperty

Search URL Search Domain Scan URL

URL: https://starsearch.thestar.com.my/
Title: StarSearch

Search URL Search Domain Scan URL

URL: https://mystarjob.com/
Title: myStarjob

Search URL Search Domain Scan URL

URL: https://www.kuntum.com.my/
Title: Kuntum

Search URL Search Domain Scan URL

URL: https://50.thestar.com.my/

Search URL Search Domain Scan URL

URL: https://sso.thestar.com.my/?lng=en&channel=1&ru=HNQ8Auw31qgZZU47ZjHUhHKJStkK3H51/pPcFdJ1gQ9cFgPiSalasDvF6DeumuZwrPFzdYjofJj9eX1n44olyqGHD3HJYujVJKnBGSMMB/xM9GmUcR3h4RBYLtgVs7/oQLV7Mz6u4BQKv2QSHiXy0trldS2KiFEmqczAuWC4ge18+zuFJYPpZ/+9MUzONkqxUVYY12lugsl5kVfmsgmMA1x+z2xP0d+VWCKu2k7IzlrBFHe8od43fXSbCm5B0EPyOJz9TgqXj0a4op+0iylZ/ewjTLNkgbbjnuNYsXBFbSI=
Title: Log In

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/profile.aspx
Title: Manage Profile

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/changepassword.aspx
Title: Change Password

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/sessions.aspx
Title: Manage Logins

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/subscriptioninfo.aspx
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/transhistory.aspx
Title: Transaction History

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/billing.aspx
Title: Manage Billing Info

Search URL Search Domain Scan URL

URL: https://www.thestartv.com/c/news
Title: Videos

Search URL Search Domain Scan URL

URL: http://biz.thestar.com.my/portfolio/
Title: My Portfolio

Search URL Search Domain Scan URL

URL: https://thestarmall.com.my/collections/the-star?utm_source=tsol&utm_medium=meganavi&utm_campaign=general
Title: The Star Mall

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/
Title: Vouchers

Search URL Search Domain Scan URL

URL: http://events.thestar.com.my/
Title: Events

Search URL Search Domain Scan URL

URL: http://www.starcherish.com/
Title: StarCherish.com

Search URL Search Domain Scan URL

URL: https://www.exportawards.com.my/
Title: EEA 2021

Search URL Search Domain Scan URL

URL: https://t.me/thestar_official
Title: Telegram

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7ae4cf9a-a078-4b5c-8302-0a06079a7e4f?utm_source=ob&utm_campaign=pilze_dk_at&utm_term=$section_name$&utm_content=00a80f59b6a5311b3a48daea23068c83f7-%C3%84rzte+verbl%C3%BCfft%3A+Ein+einfacher+Tipp+gegen+Nagelpilze+%28Heute+Abend+test&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Ad (Pilze Research) Ärzte verblüfft: Ein einfacher Tipp gegen Nagelpilze (Heute…

Search URL Search Domain Scan URL

URL: https://code41watches.com/de/code41-the-watchmaker-breaking-all-of-the-records/?utm_campaign=outbrain&utm_source=de_at_DTP_Record_June21&utm_medium=3519&obOrigUrl=true
Title: Ad (CODE41 Watches) CODE41 mischt die Uhrmacherei auf und bietet eine…

Search URL Search Domain Scan URL

URL: https://misterstocks.com/trending/diese-stars-sind-millionare-so-sind-sie-zu-ihrem-vermogen-gekommen-ob-heinz-christianstrache?utm_source=outbrain&utm_campaign=005006266a2160a699ef61b99823ead71a&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+So+reich+ist+Heinz-Christian+Strache+mit+51+Jahren&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: Ad (Mister Stocks) [Fotos] So reich ist Heinz-Christian Strache mit 51 Jahren

Search URL Search Domain Scan URL

URL: https://divorcepayday.com/trending/boris-becker-ob?utm_source=outbrain&utm_campaign=00dfe3ddd929e1e45c0e75fe60a7acac81&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Wo+Boris+Becker+mit+53+lebt%2C+ist+traurig+anzusehen&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: Ad (Divorce Payday) [Fotos] Wo Boris Becker mit 53 lebt, ist traurig anzusehen

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/?_id=a3cfb697-149d-48e5-93af-ec90efa40384&sub_product=coupon-widget
Title: Snatch MYR15 Discount For New Customers - Lazada Promo Code x 7.7 Sale

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/?_id=98695acf-3587-4727-bbc3-af21eb0d8031&sub_product=coupon-widget
Title: Lazada Voucher For New & Existing Customer: Get MYR5 Discount For 7.7

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/?_id=968e7859-b85b-4c97-ad25-e8c64060b83c&sub_product=coupon-widget
Title: Get MYR15 Discount For New Users During 7.7 Mid Year Sale | Shopee Voucher

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/?_id=cd7ce3ee-ba1f-4f04-b5ff-7c5f4de483f4&sub_product=coupon-widget
Title: 7.7 Mid Year Sale | Snag 9% Coins Cashback On All Purchases With Shopee Promo Code

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/?_id=1dc02e41-5289-4f59-ac16-4bd132179d54&sub_product=coupon-widget
Title: Cake Rush Promo Code Malaysia - Seize 10% Discount On Any Order

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/vouchers-top-20-vouchers/
Title: View More Vouchers

Search URL Search Domain Scan URL

URL: https://bookstore.thestar.com.my/
Title: Other Publications

Search URL Search Domain Scan URL

URL: http://starmediagroup.my/careers/life-with-us/
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://www.starmediagroup.my/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/thestaronline
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thestaronline/?hl=en
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/staronline
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/TheStarOnline
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.knx.thestarmobile
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/the-star-mobile/id428184176?mt=8
Title:

Search URL Search Domain Scan URL

URL: http://cdc.hispace.hicloud.com/000000WJ
Title:

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/JfW14Jw4VhNWPSuOoiKFh_6c8n4DWUteX8RicuCF-sJf7EHXCt_NOkuJquQgZCA15E6izqMJ6ixop2hQADgfmODnYhZpXiOZeOVhn2k5mMfWNzO-GZhWthUPiZAqxewEst-X6PtRott1CHl0I-zJgP2ieAurSaK2wNgC0SGyZK6JMOr45_AqzuEFtLynolbsd24PLvr_AuF0IGrsg01OoAo2zXWE73WUHPKeglmiMmsu6uISXg3d5Aa3nJmVKWfa-GKzJpQlo8NsMPeFN6p8cl2bKQjEJow2G7b4f2jQ-ukgSEw8g6s3000Reh5ncmjLU4imwo5gWFqBEgAGJM1QXhr7twS23tPISNA4EYfDbrwgvZHbluuet7YHkeRKYzmEaBe0P7NdE0poQnEX5-qN163hxxXDV42wVCQuADYDIukF0g_xlwRYzs1qsRexJbQ7R8_anzPohNIYBJu2fx0kas-Dk9r2jVZC0ALG8nAIvftXlWt1daz551cFfFvE86YZpvuhGbMtl_1H9ny1LSxbOojVQBS29hYqUgLhLg7e-QW_tvmtyUship7iIqkshBLVBYvexaOL4HaIkdI8Hsn0EmzH1s_1ZsZMZsy9tboRVUjstUWTogKPxkl0cNmpp7ynPcAnABpQYXLxxBEJ2PrjEWG12vx5GcKxMO4wsL__0vIew62m9VrkOFeDMnPHQKX8ZAn2mQ4uxU9A0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/CmtFdHCeUJxZQ7Ml90kL5eoYzYsTBuucF4jWS-L0Ugte-J_t5uBwv9ZGRBqVaXZVOEJ_yNl6p5rSrkZz3-CRkyjqTbJ0BQ5xyC5VSeTAdm66F7TEF0-nAk17bU6_jvx0qP9ce17LgP0U4yQLYHI6N5NIrI8kq8zl90bF7FXJ0lfKY0_DCtbhvydJtGUvdo807T3NgVEUe_5JXn77hHCrlfQ-cJQEOQ9-5nEsJDsaMtnEshFHbGb7LVnGWgKEv_crZTr6k3hX2CUhnQtdYWG4sn0O4sTlvA5MT7haug_CJ1AFwMFFXDkAYAjO_cllIxp-4Pi76pF50kEDnxJGDvPTtNN_OziLZFy3hEAmpDH1se6c5BIkzpGEzp5zuOzmBR3Z-1Vf--nMbHgL_pIRAiMAIS2M2Z7mw4iPm1Xv_-EH9aOD-pmCyDVC_nLeHYFsWT9ipIEoiaS87H02y6xYUYHz46VvhNIvlEj-aijEZGJox1-MtpNyLFlj3d6DGZ5RjJh2qKz35L1ZuQkSE1-SYO1c6-q-sjyWkPFN_x42EWnn0zBB1uzXyymvWlwm6oJaqw-hcd21BanPPzf5KExn6J7fBlv6j-T1AB08LhXHjooCBzPjLYUoxsoMNOKyXlojhwM_3PcV2yqpf9LUEnQntDc7Ff5_ltbY0kU3DEDIT2pnlstmkGmD_8XCd0cdoLIvcsFXzfPqbXdY3KYfhqV0UUJIu2tk1lrBHLosuHQ0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/FqCUEc3_luKx-ravIbZhGOfUs-k8kwHTlbMIgO_v40vBoSc9iqhOZH-xw769iv4Deo_07hQ3OWu_ABo-VA_aHGlbzubexYV9cUOQeGT57MfIiO2yZprTGvrd_Liv-gmBKr31hZvzaeTUeHN6e_OUT4C65-sdEP5Y4jz-2gT97bIuRqSOAS174F8zmBRMH7zcDgGjlBouBkjoEBF4LEl-Nl0y0jzbID4_yCX0YwgSfOaVobJ_V13O2Ft0kCLaf2Zei-QyzEMJdgeogDs3YNIzHM4q2_djElrfLiGQSk9OfUcD9_NPfqyo6lF04DJijUGayPNdZSRNw_Y3SXnXm-xadACfp0AfdQ9pTeA5pyM4i1HcG2pX5mAicHS1LFV91ulmapAnQZQR7NqT6qNsNmHdPWbjXLk_D5Q20y1mbqWbPpB2BxJWkLZ6ywc6n7o4z4XJanpGlKgJKX5y0uGvrrVvYlnfR34E9K-_xZAcDNVaYWSW9pohwpHNHyGiZnmfv43vVcerx89yWmj_BIufoLS8wEYHGZAXUCwzhKlQAU52w7hFoVL0keStdbaUXCYV3BCZC3msbkE_e4hTguRAhdP-hwWgJ0zyfIrq6JNSqnIxsbshC_Q_a7uXTfoZYchzXFukQqNtoJcGndmI-mq4Ml3eri7UVGNuH0Qu2ld-HnLJpoJE8AZVfWA0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/MUywua0sQgIHT17RGOifLC12RIoaYec0x4Mzwjowzgyk31b0x3DfQAY_VlKX97SVaxIf9GuljVmEXMSYvzOo2-u9E66RZ-6MTPSA-gWSxj42UmC_l3v-wJIdDCM5mlGX6h-VylUM82FRZEMF96sEg2KmBFuA5wj6MySDpO200TJPNenOhiDhQcP3ZHn33EUmXYmlAIzWADEITuzxEPEFzDQeTwofRyqbNFKFwdk5a_jroBeFPOzPweLpFvYU9x474uHbYXbDqMNjqZroU9wD6iddQASgT_aUXQlx6RbQzWmaIcd7B9SdzM7NSiLUB4O1ZHBhuOX8OW8hX0PqidApZW2b1rVmMJ6G_uRFhkstTh2vr7YuGubLNNBS1yF2sMyiymBO2IVBZFbn3P80QNb12W3KGL7vylLsSDJ2eBCvsMOW-7n2YocqLntKU0PJM3YoN4cZb0bdGKR6CKZMDEqJSWqC-U7aZPmdMZIv7CwHXFNIrHUqMhPr0n3aUkMs_aZAP6oNvc0aCzHS_Qf4hkF12yCALmMoYIXiM1iNx7KePPfROK6yFljFSmoe3WokqDNj50uPuz-1S4xtVMz55BRp45NxqIUCVQ7QOAt_w-KGjarD8NDSBsZOjE-SJaTOUjcpR81YdMRQYuIql9ivwNjQsaCFqsPsfnM44W1u7IG0cg0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/WdcQY_bzV45CtqppQ7qBuVJdJddz5ltqQ6RPGgaKMxG0uvtsAOVz6d4FNF08dhSPY020bkusBKdztMsXJBHT1K11BWEs9J3QJsVha041NgEnI_YJwoqSZFvBA2X5GaPs3VLC1b4Bh9SRmVcuXmXEs5N8ZYjVfki3QafQ6Hd4-PivjGhsEQ6jfV1vgfq_V80jat5EwaUE2q3MUCZjL9ed7ZOiiAkZNUUwgASN9xwy3LB19WXBFzjS4V5EyXuAxP_m-kIZfmg3XjuZd0ZR__tNwpQMMdcRwyNRpCTONjEIXxT0wdMJ6xvDRIcp7t0_H0zsS0YGTwtVSvE560-kW9dIKcYD8aUQACJ7eoh6Ii6sfZpnm8lTcBJY4uaKI3_8OzSnHy5PuJq5BOJF0ASQFFXXlJUdUXJp3R2UrBKx6r4KYuccwl8Y-_FOLvpxIlzwtfpXM6NgE6MG-A5Jqgtkq1yTE4Ebe93YhhsqMvdN95C5y8cKv2w0b0vOuhKFykXmQZUdbkTOYtIr8irPP617mpAfid0NeZczrbqh3q8gIQtXhABrvmEIEvhbvJiPEqh67SyeFjHhLJ3o4BAUcRMWGqmybsYqcUCguMFenuNsG4_WWE6klYHWcb9awxD9iaXgqtQNCGH2zqzn9K_KBicFUqbvQIgHU0nu_wJtTGob6TtY81PibR8u2LtZUjL_hBmx43EH6Yz8Nx39MI9bcdXV8skLsr1ypM0uVw0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/MNiz_-ZsbH0BPJmJKVVXzvXO_b0-l7FOZGUyTgdeHidCI17sMkFIoBoxIO-vB1PCSUuJR7VdXNCuhJd2bCVD-h6YmmMEpyvqtQyyvftOUSLNPuvY9JGXiY2OMXnSvis6AaQkMtaZgPI2P2lIjsZRpUgXpYTCCkK9bpWNTdCkPr6bz4NSojCg2AsY-I0kUoDWcz1VKTSOkAdB47jsXp9JKh_MEIy9bBuYOgkRQvKrmqJx8B4BgVUpr9VjIEe3wl3H6G6rKVejRKUEZx4uGnc9DtRMVO2whTcUyQ9s5ujlYGF2V8tSQIMX8pwSbNWFiNqfE5JMlMPgUEP-7alPEUs0bnfBybpHlrvi_dB10ne_sCRJqjIOFYW-ljJ-sPHir4Zw3PcRsDgt6eQjB9rM2sLQhupljW_z1HVJu9iP_v4tMiVNA58ASZiLjc7UcHI70MtHqzLXplZMYNNaYl_yb_EICs2hFsS_A19fH1VHjMKX7ATsWgpkSN9XF65TtKsg9dqnF_ScQvjRbScm9i26CqUcbH6LZ-x8P26xbsae-uhmphnlBg2PVZJjyRdsCqVvtxYaA3OTm4aLdHluWbmlLT6fAFkBKk7l142uBAlkD4NRocMEU5dRBUTzXViydE3q65fHDRzop0_8Eph3rBwIXdHwLBbXAXxEH-Y-rbhb0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/uE7NE9mQ6nrfGWxhPXRgRz1XOvEx1yGiUaa7XEyKLoGbM5r6B050zEbICNTaL3Oq_RQWUoq-E4p9Vd8-crxNhtkUIt05AyWNKZSOwgKVFiMNifhIhOauXLfBO3vHmuCUBojEIPZ_f-58ZkEfN3uGodyPSErCe_nRjsXCtFg_NMW93ryL6DOCLe_sj-DE2lL1EXTiCg9e4mjMeXBonXlLHCDz53xQ_9xjwiAXNZhM5gcTDMed_I4xoY5amf45CqIYOlDJDOBygNZnIQBaPbt2XKGVLysyeyPgtvHZpLL9hysetFdCyj67hCL9XVAiYuzikzIQauGi-fFYXuyOpRQFU1_AMcWkjRy6p2mcbnsVmdwfUs9TOyNtTd-j10LpvDAomWlKm17a8UV7WlwKtJznFpCChRgBEdaQXNrtt5ekdsNvwQoca2kFqNS030X4T9rNCH6Mr7hxQpqVJa8D5zkFiE9CY74P1uKqwONlCGBcsgJupSTHuz02fPJZNva8rdGjCw-uzQpWLb5V1cFzIQ5NB1c0wL1iARb9nSvwwQqcDMGf7OasCAIWD34dmwyJfeRSjORZoZv-jLf5EWK6dv3j20YcS7M4q_xFNji1RmoTx7nogFAQiB3pZLfgwpAdLtF_-cid7IQdlDLpOTxiixn924xfrUGg43Y41QARN1E4L6-1UkXstlA8uugoEuhQge7bZtZV0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/4rOG8xAwTy0sltrd2zmpdcAahAbFP3f_HbJpJ9LYhQqhTD1RL03bIRRJAxUnJpz097ewHL_GtIAOVDuKzTkou52bEiRwEzjKLCk7nAPk2UT2FqTvYFru8HdzYRyK-IOeyFYNErBBWJ6_npaPbdy91M0G1Zrk5adoMdBDtfMnnIg14KgL0roh_5YQ0yCNz5pdkyXL3YGY7LQ3lXF1MN-i2WjhYzvEtNySuLvi8zRspCJAmXdHr6-2tlMhVyietwngK1HRQ-DhjpR0aIwd_EsbSm7q5xOcEAhf689M6OnsRwZqzh7tbvub_ztQZVxi9H9LO-jqcnECOJ0woGAj2l4U2sSv4ge7sni-Cj7DILvYFshSKdLEUp5zSEes9hJvNb7vXkgyFeHGpYGoQJb4DZC2Ls_B8Pme-oQdCs3z7S9rDp245bMrIpTLymIh6nMceaLbpglzHtx3WFR6NnKxwrMik1gsM9l6vOAdOoYWaDfHYhhzlb7NnKmlitl4hGeGoDFkzyC8QGF8CObJvOM7NyPprrG7sSZ3h_rzhj2SinMM9fFLvLqYzC_kCF0KtQoFRaBJx3OiNETm6ipBbeoSREOfJGQ7__COKFDLfKtzxScMrxgYleM0eKjE0yLot5z60EQeeMgAXMVQKxwqZgutdJN0PEbtKF4CgRKWDf0jd7k6X_1kiDzwtpBzdUo0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/kxLR2TnHSI3SD8SHNaT3F1qTnyulvm0FZNVgQfsR46VjSlt_pOobHl9j2nnJYCARt65mI-4MskROwaGF4kCk4APWJ2Oz0uxkao2rNix6tVs1wT1yxp0DaX1j7YPDPxJPkqYCJyxpxoneYWJBBCruJtLlK7x399qYVR8wXpMEIrceLMkTQPuv1lqNCZ4-jU0Q6HpNuUt9mnztoOOeahzyKfa-XW-mZhLSgkek2LAfo7ixyWtbX5V0YQhSjvks9FqCMtw4hNqGCE4Q7iWBXIysYUKkz33wcPAn75f2lfs4z2J5R36-I2mtzg2oE5RnqcHdJq3exfKVMh8MP5flJgBVp1XFmoWdJtJPV-hSlmtgMnuE8Mg6JPREtDVhdb76RmGfS5Alhif9TX4kbYQ9J_aUrTId8Ngt1_tIyrTKDWA2P0RR72FybKSfhdAkkBjNq0Y-oL7jtnudr9_yC5TU6v5002YQ1tFmIZ-IALIpJ9cAsxtZfT-fCWo9DFQbZh5ueWvR6vGCZJi8-msJUJY9ELs3N3E0fZqWbESC-y4XvNKfQ30ymKA_6Cq9zBAFNCBmK7aINh5XFW8ThOQcxq1BmD6sii1qJ-jrz-_9UeNxRe-kV6ZDnc58XNe_RD-rDpnoxbt8BGFwL6au1DscBF1pfcxLBu2-RRrEQaGYsleQySW5gEmPbCneIiXk3293IrNY-oMpIe3Kd7eB-MRxi1jBBIQnL-Mp0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/9Z9J8PBR07CPaexeuNpgCe7JI5nqWbWJOPsug53Ia_D_X6ss5USRIPBNaFfsJlFwsFjGl3szs0Kc7dc3rEGex88_P1JDqVrnf77YWK0GS2JpQjFLk02dA7MxFm1x9rfjaGlvv7crUGKFxFCfvpW-xWu3PgyBdRVuZqxzy9mEs5YRBOL-Vv8zweL8uKnBWL161ebW--It2ar8fnUqRyM7pEBpRgT5s7Pq9KHEEVoJ_BWi4mKccr2Rpboj4TNKgAFgnx4fZnKmJ1CXfC_8i9tdBT2YMzwu6iSXOvfzz81DIc6ZW99360RpyI4InM5OByALXZ7Xoms6es_pJtjYbxc0DgsHv2-jcJQ0jW643oLE5koP7CbF9biIGTh1WlRkuta6GnLgnDebnCsatvzaoTs5b9-dmQs7Pnh-zJmbhHxFKh3J24Mtv9iB7bdoQpqNPjE3k3tfAUdqFhLhCufkdzm4VwO0ETETE7o66rgJhCPq3T84RqOgrPMlmH41Ja3DcD1Z8milKucxg1I1UC2dOJUuZanfG7CRIbmPggnqcQsPUvgWMieUCJxN5qP0AJN5rrG3XEKP7faKfCkXcVY4cmj3tL4jRnRe2l0MVGYYLhr7t_ZC_LPex8dPWpKRa2A0iIJT-LQgo2aF0r21QGKNeBD4hK8-EOPJrMnH6Ina61B-JdhULdaI0
Title: Read

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 233

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 234

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=476308235.83603131177562975.36087918 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=476308235.83603131177562975.36087918 HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=1b291214-0be9-51b4-9fce-095cff1536fe&ssp=vidoomy&expires=30&user_group=1 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=09b250ed-1718-4876-92a0-020303b8c946

Request Chain 235

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8811297722 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8811297722 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3d137147-bd65-4734-b063-310c2e2c08d0 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003

Request Chain 251

https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&c9=

Request Chain 263

https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=c10d788a-d8f0-11eb-b103-1a4ab9540206

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1

Request Chain 306

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs-o1oXlffGQevo0YHMXwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOet06fTLpalltjh5onwcXc&google_cver=1

Request Chain 308

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MzE2NDQ2NzE3NTQwNTQ0OA%3D%3D

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBeeEQHUjlIXO114v3jdEP4&google_cver=1

Request Chain 318

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg2NmRhYzktNWJiYS0yMjIyLWQ4MjItODY2NTRmYTllZTBj

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPVj-OkGg96i0yDxfwptzz8&google_cver=1

Request Chain 320

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmE3YjlmMmQ3ZmE2YzUzODRlOTc5OTg1MmZkODAwNjYxMGU0YTEzNA==

Request Chain 340

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Request Chain 341

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1Um4MFqSRfBYOteMWpEttVm7qN0

Request Chain 347

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8531091146276700440

Request Chain 348

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ykHQ3-BwSPdhPLAd1rKpdlm7qN0

Request Chain 373

https://um.simpli.fi/gp_match?google_gid=CAESEIVfHpwfsOr1kuZI7TIibFA&google_cver=1&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-SoZps1pW0TZDAa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=22DB9C3E0E404906B25811D4F1072A4D&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-SoZps1pW0TZDAa

Request Chain 374

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN2ytsuj8dB-P2vOhQ3QINI&google_cver=1&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZEoT43HYKJYg_Z HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=92neMTigQReliGZPKa6c9w2&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZEoT43HYKJYg_Z

Request Chain 375

https://d5p.de17a.com/cookies/google?google_gid=CAESEO47pjDgRSF9qmxMWYzocWY&google_cver=1&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO47pjDgRSF9qmxMWYzocWY&google_cver=1&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m

Request Chain 376

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKfoauASNiC1HXrkt14-zCw&google_cver=1&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_HxMDPmAy09SWAbEJKEywA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKfoauASNiC1HXrkt14-zCw&google_cver=1&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_HxMDPmAy09SWAbEJKEywA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMjUyODA1Mjk1NjA2MTA1MA&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_HxMDPmAy09SWAbEJKEywA

Request Chain 377

https://rtb.openx.net/sync/dds?google_gid=CAESEBrA2xYxXHkoxktqk56BSWE&google_cver=1&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq&google_hm=61-DPztLxagrtpBrVlIa1g==

Request Chain 378

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn

Request Chain 379

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJapnyTJ065gEasZK5Y7zOI&google_cver=1&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm3eiBUMgv_Bsj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm3eiBUMgv_Bsj

Request Chain 390

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEApERv1yzh7oDXND6itWg78&google_cver=1&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6PtDGhdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6PtDGhdA&google_hm=CbJQ7RcYSHaSoAIDA7jJRg==

Request Chain 391

https://rtb.openx.net/sync/dds?google_gid=CAESEBrA2xYxXHkoxktqk56BSWE&google_cver=1&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg&google_hm=61-DPztLxagrtpBrVlIa1g==

Request Chain 392

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG2YAo9lERgTB12Lf5PLw3Y&google_cver=1&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9hpANRe0A4Bqa98pgveQH7ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJN1o3Mk0tRC1BQlVa&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9hpANRe0A4Bqa98pgveQH7ag

Request Chain 393

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECY6-dNONutsNy3Qeb73mhc&google_cver=1&google_push=AYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8%26google_hm%3DA1FStH-pT0zGvtfibN__A6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8&google_hm=A1FStH-pT0zGvtfibN__A6A

Request Chain 394

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPFzXScq1Yc24__xqglCCJg&google_cver=1&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc&google_gid=CAESEPFzXScq1Yc24__xqglCCJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNzYxODkxNzkwNjE2MzExMTA%3D&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc

Request Chain 395

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBHmHpZHMQb1MrfTamznjHU&google_cver=1&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hENVXc0tCLm8XkDw1xntgJXE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hENVXc0tCLm8XkDw1xntgJXE&google_hm=ODAwOTAxNzI0NjIwMjc5NjUy

Request Chain 400

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Request Chain 401

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

Request Chain 421

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1221243956&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc26a78ef-d8f0-11eb-aa11-025d80eddc4f?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-HLQicwdE2p4Xq2FqXAYZdloCX2I9BWMF00uW~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-HLQicwdE2p4Xq2FqXAYZdloCX2I9BWMF00uW~A&_origin=0&nsync=1&apid=VAc26a78ef-d8f0-11eb-aa11-025d80eddc4f

Request Chain 448

https://c1.adform.net/serving/cookie/match?party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7

Request Chain 449

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641

Request Chain 451

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557

Request Chain 452

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBc3kwN0J0bjhBQURlbmtWN0JtZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 453

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 454

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003&rndcb=5950410096 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=09b250ed-1718-4876-92a0-020303b8c946&google_hm=MDliMjUwZWQtMTcxOC00ODc2LTkyYTAtMDIwMzAzYjhjOTQ2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHXf2P9wM0wlgFF6jvmC2ao&google_cver=1&ssp=adconductor&bsw_param=09b250ed-1718-4876-92a0-020303b8c946 HTTP 302
https://sync.1rx.io/usersync/bidswitch/09b250ed-1718-4876-92a0-020303b8c946?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003

Request Chain 456

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP

Request Chain 458

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 459

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219

Request Chain 460

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5136f149-dac3-4d4f-8652-900e931bf380-tuct7d4c526&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 461

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2OoKoLBoSjKs-D9UjX97xw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 462

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=636d60db-3fa6-4e00-84fd-f049ed33f15a

Request Chain 463

https://pixel.onaudience.com/?partner=214&mapped=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=3d137147-bd65-4734-b063-310c2e2c08d0&icm

Request Chain 464

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhFQTBBQTAtQjA2OC00QTMyLUFDRjgtM0Y1NDhEN0Y3QkM3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 465

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPMrNUxGI_WVzuMQP10zz1U&google_cver=1

Request Chain 467

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7289088237059482144

Request Chain 468

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&gdpr=0&gdpr_consent=

Request Chain 469

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d137147-bd65-4734-b063-310c2e2c08d0

Request Chain 470

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8483164467175405448&gdpr=0&gdpr_consent=

Request Chain 473

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNs-pgACTc3E6AA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-pgACTc3E6AA4&gdpr=0&gdpr_consent=&_test=YNs-pgACTc3E6AA4

Request Chain 474

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe

Request Chain 475

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=09b250ed-1718-4876-92a0-020303b8c946&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 476

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8603148740314628376&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 479

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 481

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a7ccaee5-6862-4fcd-a43f-2d248829e4df

Request Chain 502

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Request Chain 503

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

Request Chain 529

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Request Chain 530

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Request Chain 550

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Request Chain 551

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Request Chain 571

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Request Chain 572

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Request Chain 590

https://c1.adform.net/serving/cookie/match?party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA

Request Chain 591

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM1zHcneRcbSC98fSoPXhp4&google_cver=1

Request Chain 593

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892

Request Chain 594

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6901880369249929382

Request Chain 595

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&gdpr=0&gdpr_consent=

Request Chain 596

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7cb7db1b-0e9e-414b-8f09-12182851dec8

Request Chain 598

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5664362599100432377&gdpr=0&gdpr_consent=

Request Chain 599

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK

Request Chain 600

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335

Request Chain 601

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYktVN0J0bjhBQURkWXl5ajRSUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 602

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 603

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 604

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2595742299 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7cb7db1b-0e9e-414b-8f09-12182851dec8 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003

Request Chain 606

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP

Request Chain 608

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 609

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9

Request Chain 610

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219

Request Chain 611

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 612

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5bqLxU8hQm-bS4W6XmU4-g%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5bqLxU8hQm-bS4W6XmU4-g%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 613

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd9d60db-3fad-4000-ac6a-5589d94e266f

Request Chain 614

https://pixel.onaudience.com/?partner=214&mapped=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Request Chain 615

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTVCQThCQzUtNEYyMS00MjZGLTlCNEItODVCQTVFNjUzOEZB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 618

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNs-rQACN7Rq2QAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-rQACN7Rq2QAC&gdpr=0&gdpr_consent=&_test=YNs-rQACN7Rq2QAC

Request Chain 619

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=df1fde50-2511-4821-b600-5f5bfd0254e6&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd7b5009-8fca-41ba-be6b-122840610dd8&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 620

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3126483521385627928&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 622

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1a0901ea-6210-4fde-bd85-4ffc7b2d9247&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 623

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5664362599100432377

Request Chain 639

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126483521385627928

Request Chain 640

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=x0rmWqXiSzhbz_kuNKvkoVm7qN0

Request Chain 645

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-srsSnAFE2p7LssORUmsQFwPfWJw357JUs.d2~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-srsSnAFE2p7LssORUmsQFwPfWJw357JUs.d2~A&_origin=0&nsync=1&apid=VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a

Request Chain 651

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=bc66409b-68e7-45de-b67b-9b1763e6f4ff&a.is_yahoo=3&redirect_y=dHM9MTYyNDk4MTQyNjg2Mi4wOTU3MDM6dXVpZD0iNTMzMTIyOTY4NjM3NTY5NjM3MV9fVElNRV9fMjAyMS0wNi0yOSswOCUzQTQzJTNBNDQiOmFwaWQ9VkFjODY0MjdkNy1kOGYwLTExZWItODFlOC0wNjIwYjFkMmZkM2E6cmVxdWVzdF9pZD1iYzY2NDA5Yi02OGU3LTQ1ZGUtYjY3Yi05YjE3NjNlNmY0ZmY= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&apid=UPcb0b542a-d8f0-11eb-93b1-02c8291bccce

Request Chain 662

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2539419078943932696

Request Chain 663

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

Request Chain 680

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8518230158766604568

Request Chain 681

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

Request Chain 700

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Request Chain 701

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Request Chain 719

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Request Chain 720

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Request Chain 737

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Request Chain 738

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Request Chain 755

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2694225918088282392

Request Chain 756

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qH1QAQ5KTwp7fqwLml84eVm7qN0

757 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mahb-to-open-private-covid-19-screening-facilities-in-klia Show response
www.thestar.com.my/news/nation/2021/06/29/ 582 KB
161 KB 147ms
66ms Document
text/html 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e153ffc1f0c89a2ddeb8b9a9719fbf10a620cedc22f7e8a31c7433e033d3339b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.thestar.com.my
:scheme: https
:path: /news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 29 Jun 2021 15:41:49 GMT
server: nginx
set-cookie: pwu=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.thestar.com.my; secure pwu=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.thestar.com.my; secure the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D; expires=Tue, 29-Jun-2021 17:41:49 GMT; Max-Age=7200; path=/; httponly
cache-control: no-cache, private
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: QEWu82YqevgDzbBkfsw1B2-JVV6ljOLp78xG8gne_dSlv8Rzd8xEqQ==
age: 98

GET
H2 200 TSOL640x100.png
www.thestar.com.my/theme_metro/images/ 8 KB
8 KB 59ms
58ms Image
image/png 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com.my/theme_metro/images/TSOL640x100.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c6d547393eef26e0d42f8dfede54cfc7b634de58b2259291927aad6b48ecfd6

Request headers

:path: /theme_metro/images/TSOL640x100.png
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:41:49 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
last-modified: Mon, 02 Dec 2019 10:07:51 GMT
server: nginx
age: 98
etag: "5de4e277-1f94"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000 public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 8084
x-amz-cf-id: QKaUGsGDe5BRknUgcQaKZFdHq501lbbJDKbAD7nUvR5NRJDKoLn50Q==
expires: Thu, 29 Jul 2021 15:41:49 GMT

GET
H2 200 bootstrap.min.css
cdn.thestar.com.my/Themes/css/ 119 KB
20 KB 136ms
53ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding: gzip
etag: W/"67d856a36edacea9564bd92310f7d792"
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 3300
x-amz-meta-cb-modifiedtime: Thu, 12 Oct 2017 02:23:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: DX51njyHaf6Ql4sUwvwGD6LRfW8pAAkIqgqbqnJXq3r0Ge7EG1nKcA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
622 B 23ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4388095eff1d8e9b30fb94743eaba65dadf3e1f881355fddafe141ebcac3d88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:10:20 GMT
server: ESF
date: Tue, 29 Jun 2021 15:43:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:43:27 GMT

GET
H2 200 tsol2019_pw.css
cdn.thestar.com.my/Themes/css/ 91 KB
18 KB 145ms
70ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210623
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 079a92d5a60df0fe313273a1424b51c840017fc7070816f96ae3c9b3c86f4308

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06qpBYKvmtehC.aqeAEmLSmgpdnZrpbC
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 01:58:30 GMT
server: AmazonS3
age: 2057
etag: W/"e9689f5102aec7e769800cc3c5c00e36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Jnf11F-xovRw5Wx2h3qeAJl7raCSvMUbeQNu-6QRissI-26OVg89yg==

GET
H2 200 story2017.min.css
cdn.thestar.com.my/Themes/css/ 9 KB
3 KB 151ms
76ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/story2017.min.css?v=20210301
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf1858289586abc6140694b5feeedc5d897b26eddf42207a6da3a37f4d309bbd

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0H4cExJfewlupjtKZhHfXcZ7C9UYEbUG
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 03:40:03 GMT
server: AmazonS3
age: 2054
etag: W/"6ac0b3dd4ddbed8d567248e821928f19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gfCP7T0sXHLEwdL6OsFHumh1oSKt01EoGhv1aoY7REcasdjRcckf6A==

GET
H2 200 info.css
cdn.thestar.com.my/Themes/css/ 5 KB
2 KB 151ms
77ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/info.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1.51bKGEb0PTv3hSOCmiJ.243PQ3nZx3
content-encoding: gzip
etag: W/"1aa5bc290203717673262f578a590dd3"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 2186
x-amz-meta-cb-modifiedtime: Fri, 16 Aug 2013 10:10:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: xRw7DnftfPCRzUBxXCOi_Ucrf100e4MZN2gBZ6CXZgNtJC1eybT9Yw==

GET
H2 200 bookmark.min.css
cdn.thestar.com.my/Themes/css/ 9 KB
3 KB 152ms
78ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bookmark.min.css?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 42ZCDGB1EwVQij9jOKaY5QxStJiy4Bw_
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 02:09:17 GMT
server: AmazonS3
age: 2054
etag: W/"ca09feb941c19c5454a23f3542209d12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: k1SlPweF7cytbfQpO3jqt_fPjyyD5p5gXDLdjJCMdfGxnd803KzJGw==

GET
H2 200 main.css
cdn.thestar.com.my/Themes/css/ 61 KB
11 KB 149ms
75ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105ba69e2aff3f8717305031c87902d1fe2019a1244e9631e94fbc13720cbe38

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PMoxhUo9c.Ny4l9.a9O5ocBph4gH9coY
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 09:12:53 GMT
server: AmazonS3
age: 2054
etag: W/"8e58989af013f4d0a582b93158a24b22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 4Y7Dj5wCVv5zJ8FP_18Fj_oSM173JFXTBcmFE444kCv_jEjm6aLhTg==

GET
H2 200 promo.css
cdn.thestar.com.my/Themes/css/ 3 KB
1 KB 92ms
73ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/promo.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e8f41e24ee71abeb52b9a5873fba5423d638c027c18c9f5dd8b6f4c9f072c2

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: I6OHW6YaJdB9C6gR.hoUjAJX7flvdvO5
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 475
etag: W/"9e8ea9485b1b0bbafbbf81527728656e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 2LSQqsGMSRh_IEsKiOhJ89cDldQyzAyxouTxJkYJ2Qv6iRFmYQiktQ==

GET
H2 200 stock.search.min.css
cdn.thestar.com.my/Themes/css/ 577 B
1010 B 77ms
58ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/stock.search.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DYuyOSWJKpUHMg69YtSIuMPMhqtqRHMW
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: "abd4fa5dfda7656031ff9bc791e31ebb"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 2836
x-amz-meta-cb-modifiedtime: Fri, 25 Aug 2017 08:10:23 GMT
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:27 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 577
x-amz-cf-id: zn5V283uNMIghyVU0GikUK60lVeSwN2WNuja9xhOmsyGE73faDlzMg==

GET
H2 200 font-awesome.min.css
cdn.thestar.com.my/Themes/css/ 30 KB
7 KB 79ms
60ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2vubh.PhxEhgJpFKBG0pP31KYJZnb.Rf
content-encoding: gzip
etag: W/"79f8083e69a38052ae8392709b1610c8"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 3283
x-amz-meta-cb-modifiedtime: Mon, 20 Jan 2020 03:30:42 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: t01_KkRAMhLigLJpHWKk5ctT6YbeF3iSY2SrQoNIVwwU8XWkiVbzcA==

GET
H2 200 global-bar.min.css
cdn.thestar.com.my/GlobalBar/css/ 5 KB
2 KB 80ms
61ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/css/global-bar.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2rSoaAo0F0M_gC.wHNQEHLISGuYe8kUJ
content-encoding: gzip
etag: W/"2352a7924ab6600445060ce8da2f9e61"
last-modified: Thu, 01 Oct 2020 02:31:14 GMT
server: AmazonS3
age: 270163
x-amz-meta-cb-modifiedtime: Wed, 01 Jul 2020 07:40:54 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Sat, 26 Jun 2021 12:40:45 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MCF3ie3SpOHSbKv5KJaE53EP7s_jIuvlTI72aSULTqfEo_ZFn_aduw==

GET
H2 200 audio.css
cdn.thestar.com.my/Components/Audio/ 9 KB
2 KB 93ms
73ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/audio.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4fEQPXNNtWhcIBa_DYlOd_C68bas6KnV
content-encoding: gzip
etag: W/"6b621e92f808f4c887d5eb54d7b5bf18"
last-modified: Thu, 01 Oct 2020 04:47:53 GMT
server: AmazonS3
age: 706
x-amz-meta-cb-modifiedtime: Wed, 09 Jan 2019 02:04:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: xOtVP2ip5Kx4o_nNxIgiygnrB2INeQPci2bQEiEkT49hEGQWKQLGRQ==

GET
H2 200 owl.carousel.min.css
cdn.thestar.com.my/Themes/css/ 4 KB
1 KB 80ms
61ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/owl.carousel.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jBZo_fxdrmNQeQ0zDiLYp2wHUQrzyzsK
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 1224
etag: W/"1189f89df639b70679aa1be29335a613"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:26:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pommgMCCVua2jQGlQ3DTKTy1BQvugBnM0O9_JzZUHg2V_5A5gcH54w==

GET
H2 200 style.min.css
cdn.thestar.com.my/Themes/css/ 3 KB
2 KB 91ms
72ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/style.min.css?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c540a9231b20ee699d027d00ff6e0ff728eb955d7a54ebc6498fb75125f92c12

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M_PjCpdDSoC2zNKkgGTFEIcv_E5IWxic
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 04:32:43 GMT
server: AmazonS3
age: 1796
etag: W/"b4247f523472dd6ecb8dc9f88b2590bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: djXHxXftyiCGqz0PLuPDm9yQ0lLeJDtIlMLPXUKg7IN-FeERq6P-_Q==

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 23 KB
6 KB 41ms
11ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f70139c0137ae9d1210dbc3959d35ca70e04f5d5aa5072c8cc4215a993984507

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 16:40:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5995
Expires: Tue, 29 Jun 2021 16:43:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 20:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:37:13 GMT

GET
H2 200 parsely-onload.min.js Show response
cdn.thestar.com.my/Themes/js/ 5 KB
2 KB 81ms
62ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/parsely-onload.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1DWUB0MLRA9Gin_ixr7MS2Yy_RpKtHx_
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2082
etag: W/"cf0b5aed788300bcd41cf265d84655dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9OZRnv9n-VgWBoiNDv13shqqpFQBWhiwS4rzNGHJthl8pYUhhHSZ_g==

GET
H2 200 URI.min.js Show response
cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/ 45 KB
14 KB 27ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/URI.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1708196
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13131
cf-request-id: 0afa099f1b00000601cebf3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-b370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ANRXOMu6ET7yBC6dme%2BLBzOPj9J0Qgtd2SBnFWhdAKrNJGc9TnHnRy%2BtUp3OSp%2FBrUFxZLqw1bqQ1oN8lHOjdbx0jzp8oMouvgdkVS3c7kiJXXPPClOw0wO9QYPDUG1J%2Fjwoe0n57rTbbxt7mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66704544ff710601-FRA
expires: Sun, 19 Jun 2022 15:43:27 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 22ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 815397
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15476
cf-request-id: 0afa099f1b00000601671e5000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j8AzOfaO7ZiGoiJ48PihginOMKpEXZsVhB3E2G5kLFfigENb2xw0JIMSeEEQv9s1a1NdxR5nzCDJTJMSoz7Uy7Cy2uQrny%2Flnm842fQ2TuFj3vplE50jgk51RhatG2FloGNQ0jKM3eVlBdW40g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66704544ff730601-FRA
expires: Sun, 19 Jun 2022 15:43:27 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5332178
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5117
cf-request-id: 0afa099f25000006015f074000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ywkOFkqU2Hp1HXiCWEmBTvvrrj460QgS7vuH%2BE2y3MZpkD6Yn71%2BoDbrdsSijNJs5PgfXsyaNbc9IP%2FIwDzgi6Gi%2FgeJu4zeZCC22ECpCPtLOSWBWtFfHg5D40Ym%2FsrWW9TLeBEbhPxKwbBCbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 667045450f9f0601-FRA
expires: Sun, 19 Jun 2022 15:43:27 GMT

GET
H2 200 js.cookie.js Show response
cdn.thestar.com.my/Themes/js/ 4 KB
2 KB 82ms
63ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/js.cookie.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9uuOoJhuZtR5PqudHFYxAz77EF7flIiw
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2822
etag: W/"6e9eb1f53afb135aedaf90739c867738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:27 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CiroX6E-ak-dSWFBnhYsdls1msG1o06xzpf5uM3YsEQbfjQ4_RLYqg==

GET
H2 200 jquery.dotdotdot.min.js Show response
cdn.thestar.com.my/Themes/js/ 6 KB
3 KB 83ms
64ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/jquery.dotdotdot.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hAkLNIGL3rohYqiNd1Iog0CmHxxih5th
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2336
etag: W/"e7489c03aaea168ba084298955d7fb9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: HrYgyYu8zO_BaA5dy0jEPtnWhjBbyQYPpjPR_LAvc-rYO9KzbhvELA==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.12/dist/ 85 KB
31 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.12/dist/vue.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1758559
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 31511
etag: W/"1532d-b7N+P+qNjCY0IJSHys6z84RECdI"
x-served-by: cache-fra19128-FRA, cache-hhn4020-HHN
date: Tue, 29 Jun 2021 15:43:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 26ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8531774
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4224
cf-request-id: 0afa099f370000d725b6bdc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eQUmquAz3YJhTcGzwV5qLIg1M2NFqHabtzxA%2BuAwM3AUAupLvG3FU%2F%2FwXDsJGry9ySCa4r%2BoynRv6yHC7AkyqqXoYcZs5PDLS1s26NEXG9BUNPpAtu5jTXHAqLLGt0vyBoaeSpOoMWCxRzRNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 667045452e3ed725-FRA
expires: Sun, 19 Jun 2022 15:43:27 GMT

GET
H2 200 Main.min.js Show response
cdn.thestar.com.my/Themes/js/ 30 KB
7 KB 85ms
66ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/Main.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e78e48d0030ee8f1bb143e6bed1e23831aa407edc7f1f5def849ebce11a3b7c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: U3PZu35WxYgH9GSSGClLY_x.o0Yt34Ii
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2699
etag: W/"5a6ec816592fcb73b4e4596a8b65b8a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:00:01 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: vsSCsUCe53UKuHnOU3pm7Z_gvQ1XzyuxSfFCLIxl_ZKyAFIS8w5QUg==

GET
H2 200 widget_mixin.js Show response
cdn.thestar.com.my/Themes/js/ 12 KB
3 KB 86ms
67ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/widget_mixin.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y9PpVJXd2Oxkkq3Zw.83CUlh1k4ay25d
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 322
etag: W/"548632554aa77d76e34e3dc08ab3671c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: HMObIAMaPRlCsY5tFO-Mf-8MB98k9Y5R5NJUPrtAv3ZxqUXcd9RZaQ==

GET
H2 200 slick.min.js Show response
cdn.thestar.com.my/Themes/js/ 41 KB
10 KB 90ms
71ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/slick.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oBAIRKEGoB7KIU6Csj.8nhVNzUkorXJ.
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2101
etag: W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: F587UudMlp3oSca29FxHxsNP6Rd8_myJGbnjhAD8uatotzXxwIaeJA==

GET
H2 200 jquery.unveil.js Show response
cdn.thestar.com.my/Themes/js/ 1 KB
1 KB 67ms
55ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/jquery.unveil.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1Fhcx_qG5J0whBMLGKTITGVNVu.uQj3f
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 1563
etag: W/"4f4ed40e89655177903ad7eafdec4b05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WctHV7nAinOG8jT3msDTInlqCNu6czrlf5kjiMG322tgfTFMQLJn_w==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44c52d8e7834105db25e49f0b9c3c91539cb8d6ad106ed7c0e2c87a99f34ffe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 45xLjYeOYoiTCastg5wYaA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: ohlZXNe9chonai7q0IHGD3+bGGtYhjMqkzSNkW4S6nhGbBkENz4teiohOhaAopp7bClg5LNZs7wZco/tF+9h7w==
x-fb-trip-id: 2050670934
x-fb-content-md5: 5b3a6a59d9ec0dfb06e4588f7566d442
x-frame-options: DENY
etag: "ed82cc0a8b71b839e86bae2b5fbed0af"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Jun 2021 16:00:08 GMT

GET
H2 200 owl.carousel.min.js Show response
cdn.thestar.com.my/Themes/js/ 39 KB
11 KB 95ms
76ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/owl.carousel.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 91xkUJd7Bp9Lc31.TzW9M055eNZW.MwS
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2236
etag: W/"d93af4022365dfda42a48dd0ce25f2a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 66NbiQAlb6qP9nlL-ph8QkHKF2o2n6upDfsP-r7-vSaDhnpKOAeJ7g==

GET
H2 200 mediatag.min.js Show response
cdn.thestar.com.my/Themes/js/ 4 KB
2 KB 90ms
72ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/mediatag.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: b0vOp9rRVixzOzR4Bf0NM4XxBsi8pwbX
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3439
etag: W/"bb66382c1748b25c891b9dda58d4f49e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: huLUJ_-hWbXHTb6LXUbpaFUuIRBsuIpeKK2K0Tlse_E8AHAEdyazpA==

GET
H2 200 mediahelper.min.js Show response
cdn.thestar.com.my/Themes/js/ 1 KB
914 B 91ms
72ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/mediahelper.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HUI8bjkjkMsvDB1fosoXf3g0O_f3RwT_
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3254
etag: W/"fe91adf3dfdcbd82bfc8d88e948a9356"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:14 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 1ECBzfRAADD_dE5O168uYDV1rNZ6bnU0ibrzGl_lOulRJYKaSIfWbw==

GET
H2 200 widgettop.min.css
cdn.thestar.com.my/Themes/css/ 355 B
743 B 95ms
77ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/widgettop.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6LdMa_qUjKDTJSqTM9TkvNfEg3XGMDcu
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 1749
etag: "d4d7dfa253b7eb381717d2d49bef8b6c"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:19:29 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 355
x-amz-cf-id: 2g8CttW4ZYaeU7geM0-1iCa11Kdk-7pylZYHpiEPULzKT0a7vN1yfg==

GET
H2 200 widgettop.min.js Show response
cdn.thestar.com.my/Themes/js/ 2 KB
1 KB 96ms
77ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/widgettop.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AkiyUjdvcgUq1yi0xs0KA79p__MQh0HQ
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3125
etag: W/"ab52bf3882cd9e5f3a5ba5d6a12f30a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:27 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: uqW23jtZeuKcXxmvBTjh_YFhyt6cCQRr2CVp2Zo3eFp261feZbWp1A==

GET
H2 200 article-details.css
www.thestar.com.my/theme_metro/widgets/article-details/ 2 KB
1 KB 61ms
58ms Stylesheet
text/css 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 362a427be5650fe06b6226baa3a95bacf5288caaccf9bb64922babb96b363c85

Request headers

:path: /theme_metro/widgets/article-details/article-details.css
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:41:49 GMT
content-encoding: gzip
last-modified: Fri, 30 Aug 2019 03:42:44 GMT
server: nginx
age: 98
etag: W/"5d689b34-7df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
cache-control: max-age=2592000 public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 3eFV1zB658D_4Wc7AMvX7OMahvAzWR7fBoguKC3rGOv1uZFS0uzqAA==
expires: Thu, 29 Jul 2021 15:41:49 GMT

GET
H2 200 print_v2.css
cdn.thestar.com.my/Themes/css/ 2 KB
1 KB 96ms
78ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/print_v2.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7df08ea48bfba8931db949e335892074fbb5c5f947c4b9d7a2cf84174ca78019

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KwC9Uxlv1PIHTSeuo2BppqPQG0_eQLJT
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 555
etag: W/"a0dc4bc68d133c730c0c5840dcd1dcb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: oLPoXXSGzOfNXxNAn5vhCqh-odxqZsWW7NqQdQPkv0jHA1T-AOC_kw==

GET
H2 200 story.min.js Show response
cdn.thestar.com.my/Themes/js/ 12 KB
3 KB 60ms
48ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/story.min.js?v=20200924
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92331bbce3dec5dd11f8ed4336864dd36aa1dc2a3f454c0ac576e83bdbafb78b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AtBk2WZY2vgignBspVJgBA2jRWar0ToZ
content-encoding: gzip
etag: W/"0d63f9bcf7f5f0858c688ba85f249780"
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3262
x-amz-meta-cb-modifiedtime: Thu, 24 Sep 2020 10:52:12 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:06 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: h0Ef9uvS0w_WaF02nk6ufGuRt2aPydX2ExtIj_LkPFO9T9FGtoD_Rg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 124ms
41ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

65632c7d3bed27c39037da47c8a0360a05a96726bae5bacc1e677d13fda9e6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "915 / 254 of 1000 / last-modified: 1624965167"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24254
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:27 GMT

GET
H2 200 prebid.js Show response
cdn.thestar.com.my/Themes/js/ 164 KB
51 KB 63ms
51ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/prebid.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b3188194dd55d8784117eb05af34e23ba99afdc63d9cd4d50ed6a590f6f979c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 67.sgCE89AV.n1xtsN0drtyH7BPwq.Ko
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"6a5a380e94250c137e88f922a29ee5e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:43:27 GMT
x-amz-cf-id: LR5d9adSYC91ztGyDIR9WlrSiLmYO9yZ-fGAIMCFDQT6ySNXuUK2fQ==

GET
H2 200 trendingParsely.js Show response
www.thestar.com.my/theme_metro/js/ 3 KB
1 KB 64ms
61ms Script
application/javascript 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/js/trendingParsely.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 839891fc3b87451fb81530b4e017cc54e7c87ec5cfc60808ab178e040856419e

Request headers

:path: /theme_metro/js/trendingParsely.js
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:41:49 GMT
content-encoding: gzip
last-modified: Fri, 13 Sep 2019 03:18:43 GMT
server: nginx
age: 98
etag: W/"5d7b0a93-aac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
cache-control: max-age=2592000 public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: M-R_2ayJ7ZTaqKaWxM3nZLPe2xv3oOJQeQ2CfffCrPt976cY4__AsA==
expires: Thu, 29 Jul 2021 15:41:49 GMT

GET
H2 200 close.png
cdn.thestar.com.my/Themes/img/ 563 B
942 B 69ms
57ms Image
image/png 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/close.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oh5atXrQlnGzmYKMe0FMd8_aHZ3eX2lz
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "3f435ca1cfc6bdb9cd5fa80a4bbf782f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:43:27 GMT
accept-ranges: bytes
content-length: 563
x-amz-cf-id: txNbzJldmRa2J_W9Gw2lm2a0lc7zNSfJvD8L16qHVxn76DAgRC5yfw==

GET
H2 200 navi-selection-revamp.js Show response
cdn.thestar.com.my/Themes/js/navigation/ 2 KB
1 KB 96ms
78ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/navigation/navi-selection-revamp.js?v=20191107
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xgkepuq2ZP4xhniY2q2qEC2fXiNjsxtR
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 03:25:40 GMT
server: AmazonS3
age: 1180
etag: W/"05a862eb21f9c8caf895696ef1f910bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:26:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: rxura-cAaLVfMLmFJYHzdZ9IPADGiKJMhLHeWiiPUBeD5EIkSJJl1w==

GET
H2 200 jquery.mockjax.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 6 KB
3 KB 96ms
78ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.mockjax.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yML40Dwy7cpBkYZgqvzVNYbVA60KAgRX
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
age: 728
etag: W/"9ece6212dc680985754b05aa60c8e93f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: W1QK63y10B1xEp7rOetFkx1YeQ-41N1jZhLqxhlJjeKO-NfCnM_gtA==

GET
H2 200 jquery.autocomplete.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 12 KB
4 KB 97ms
79ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.autocomplete.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mQkM_q5GT_pIjmvvnEcIoZj9O0dEgdVs
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
age: 472
etag: W/"bbeb164fb98847e6aa277d13acc0b845"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JMOwsnrzRuoUmexSQmtsU0NMAqQmsMqOEO9VllupXkdJK4gg72nrOg==

GET
H/1.1 200
OK stocklookup.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 142 KB
142 KB 730ms
192ms Script
application/js 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/stocklookup.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa9338ba088950ac39e268090833401f2d9204e15e6bc120f6e5ba4d57f03b40

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Tue, 29 Jun 2021 01:06:48 GMT
Server: AmazonS3
x-amz-request-id: W2AE0P2HZ1J4D228
ETag: "8b5f0a6e185160be66329068c4464028"
x-amz-version-id: qiUNqUeCR5qtDs9hFqGiCVWq8jWyKTSz
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 145453
x-amz-id-2: Kr9v7yUpuZr+wVlgpT1OZ265O5Yt1dSavvOiCeZ+9ZVT8w2T3dCldTkFn7Lb3vUmSQo9eiG8p3s=

GET
H2 200 search-menu-1.1.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 3 KB
2 KB 97ms
79ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/search-menu-1.1.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ADs_LRbMGQrRKgf_H0FFRDpMK5UzUvHm
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
age: 2836
etag: W/"93c40729a04be6e873673e3df9485ae2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:27 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: kjbdjvx89V9Yi1zmzc2F5XzoPKdk5BvQdOpiODxho-yedCc1yypBIA==

GET
H2 200 gsc-widget.min.css
cdn.thestar.com.my/Themes/css/ 1 KB
977 B 101ms
83ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/gsc-widget.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 451fd516e30a2c9f8540ea8147bf0562674750839aa967147189fa7d3cae22c0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kGC.90mrgmWnDOcE6kUKtpr6rVwh368x
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 3175
etag: W/"5a9c2439e593f7d47afd523effc0e939"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:50:33 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 7a76v6B4iKa4seEX02AIM4mFrkOTsV3iWFBa9jyF-Ccu7X36mRkFfQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 100ms
33ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 29 Jun 2021 15:43:27 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 1202485.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 11 KB
11 KB 137ms
51ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202485.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 204d1a55bba7ed24e8b44ae28c3c13a8869be46f083078b5cee4b78077bba6c2

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 10:44:34 GMT
server: AmazonS3
age: 97
etag: "9126ede092e35409a02f3159bb26446d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:51 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 11223
x-amz-cf-id: C4V6vN-dD4FJl1E3wb2CLq95R6Y6-B5VWsG2J9G-Ln90TNbJzjuc3Q==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
677 B 19ms
15ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e10939014d4d1f919648b1b71b39558cdc08a5291cc79d21fd40aad4ea605d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Tue, 29 Jun 2021 15:43:27 GMT

GET
H2 200 1201342.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 9 KB
9 KB 120ms
64ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1201342.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8118a6384c2f4c49f6eca5f56c90db7564952b6c62246508a593ee7dc31a6679

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 23:28:12 GMT
server: AmazonS3
age: 375
etag: "ec092d27772ce40a412e7c5d7883bfc6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:49 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 9122
x-amz-cf-id: CmwFjm6RRDXUiAigZqEx0UT9JKq6o0cJMMpTbbLNUulb3U4ow3xTrg==

GET
H2 200 1197475.jpg
apicms.thestar.com.my/uploads/images/2021/06/25/thumbs/small/ 7 KB
7 KB 101ms
52ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/25/thumbs/small/1197475.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bff5055b087a06c39361fe439a0746c9597e164d445541e33276e26339e8829e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 03:29:32 GMT
server: AmazonS3
age: 97
etag: "656e9370d1f6328c9dbe5e0a7efb7072"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:51 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 7123
x-amz-cf-id: 0u63nJMi_jdxP08WEyS8RxtY0IBYLgNauu8XkmyJnS0sCxa76aMCMQ==

GET
H2 200 slick.js Show response
cdn.thestar.com.my/Themes/js/ 85 KB
15 KB 99ms
81ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/slick.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61d0e86849b6dabf198e30c022f56b838137807ac8429f6caf0a9bd844cfa126

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M1UUCXgbifGYen3fSN4gPuaUneQd11UO
content-encoding: gzip
etag: W/"0069cd26e05883ce7beecc9dde8a8dd1"
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 374
x-amz-meta-cb-modifiedtime: Fri, 25 Aug 2017 08:37:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:41:49 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: PR5pnD5VEWW_N5TLbaeK0T74gI0jS2aAdL0JU-OhjCCEMbYTvEe9ZA==

GET
H2 200 trendingsection.min.js Show response
cdn.thestar.com.my/Themes/js/ 3 KB
2 KB 100ms
82ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/trendingsection.min.js?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e01e9c8f9a09704caddeccf0ed2e5bd2df7992ebd7c6b62b6b8860e97176d1

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MYn9O0SuasXAsZ0Cx6J0.uO9mQ.cp9vw
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 03:26:57 GMT
server: AmazonS3
age: 1076
etag: W/"ec6d4619fe5f27ef47b8d256fa5bed1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:26:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QPQBGN3XY0pQoezHunrbQULTAcuSD86dgSI7Q_d5yirq6iBc4ua_xA==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 175 KB
58 KB 117ms
24ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd04b954f60aa82c29b90219a9700d424c007dfc6ca94acd18d3178a3fc205ff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 13:23:49 GMT
etag: W/"2ba75-3zb+lM9pwb1vTgpDr3KZwyioMC4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: eda04f09d4d01ad152c9caaf236d0d6
timing-allow-origin: *, *
content-length: 59205
expires: Tue, 29 Jun 2021 19:43:27 GMT

GET
H2 200 recommendedreadingarticle.min.js Show response
cdn.thestar.com.my/Themes/js/ 8 KB
2 KB 100ms
82ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/recommendedreadingarticle.min.js?v=20201130
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6281b296098ee3e368708f1951a86b79a2ed2a39a2b2712d1495af717554c554

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WdBY23l.bfE09tlukVKNyZCAeeSwFTgX
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 03:47:37 GMT
server: AmazonS3
age: 1076
etag: W/"d4149fd072088cb80719b288e2065497"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:26:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Y_eleZ5hIvkxMJ-k05CBw5jZCWpTnOdHhVP_jeSaBFytiiahKzmv9Q==

GET
H/1.1 200
OK chartdatetime.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 2 KB
2 KB 745ms
187ms Script
application/js 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/chartdatetime.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 82586111e867147436b04f8b1a24adf41872fae9f98c1859b93be418ff2afe4d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Tue, 29 Jun 2021 11:03:16 GMT
Server: AmazonS3
x-amz-request-id: W2AFDA5PBA0RS5C4
ETag: "2ffa54875c655001d5e64d78aed4f314"
x-amz-version-id: Ik5_AAeVPQJKQG8aesvAf3TIo9lRvYtu
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 1543
x-amz-id-2: Prd1Gh7pIVwlAgSZckyzmMQPWe4JWBlc/09c8q+lV5/iyg4V/vtBKuxpkheoGCcGyqv9rC+Yo60=

GET
H/1.1 200
OK jquery.jqplot.min.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 168 KB
40 KB 753ms
194ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f2d79e83c8e873bf5c9ca48819c3bf85ac03659ab34764ca0857c60e0b23e27

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:28:16 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:31 GMT
Server: AmazonS3
x-amz-request-id: W2A8612SKJVDHQK7
ETag: "34a02ba47f73853b0abee59bcde46861"
x-amz-version-id: GBBRuvPJ6axKW25UnMQZIZI8IL_ZXtAe
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 40802
x-amz-id-2: /fC0owiDkXq6KmF+cE0yZYktqSCig0xsCcMEBSO8NzCQPmXuTGSvT0UumBOyiicXDh3B3JJm96I=

GET
H/1.1 200
OK jqplot.canvasTextRenderer.min.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 16 KB
4 KB 725ms
188ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasTextRenderer.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cc16df9139267030b4faab035b18687532f0534b2bd244357cdc92ade62c7d8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:28:52 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:32 GMT
Server: AmazonS3
x-amz-request-id: W2A5ESBA647VE9DB
ETag: "40ccd46d588ec5f2bdcab810ccc560ea"
x-amz-version-id: bXOySgiYGt4ExqDTFuO3yLV3VSjlMmj9
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3624
x-amz-id-2: vgTwYNdEZ0MX+6pZhlM1zOzx+Z1AcmoYq9p3dH0haGMBLdx3MZBX++hiXqpMf3cijfTTDRdr32Q=

GET
H/1.1 200
OK jqplot.canvasAxisTickRenderer.min.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 3 KB
2 KB 720ms
185ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasAxisTickRenderer.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73eaef684ed4118dad4828f6c72ab096d28e9f4629540ef0f0695e0bed57c854

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:29:09 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:32 GMT
Server: AmazonS3
x-amz-request-id: W2A1ZJBYKHBMZ7B2
ETag: "58707dba2234ad48407ecf8be547a8a8"
x-amz-version-id: DDqNr4cor1Y0wowm0KNS0YVT8vPUCmOm
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1088
x-amz-id-2: IuxDTyCK29IxqRcsJ9UMg7qYkmG74Ub3k9ed89IzEKY2WPg2Eqg+zOnS9LgSsrf3DcLPbnz8hHw=

GET
H/1.1 200
OK jqplot.dateAxisRenderer.min.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 10 KB
3 KB 734ms
189ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.dateAxisRenderer.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8221ceca59482880db172a9978526d9dd2a894a8c918232d4ddfe8989892495b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:28:44 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:31 GMT
Server: AmazonS3
x-amz-request-id: W2A48RTWF4Q5BX4A
ETag: "100bebdc1dd34da0492542ab2c0afd10"
x-amz-version-id: TNtxhcaCLEGA3wzUEK.W9f5OpdVpr.XP
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2762
x-amz-id-2: rDeKMbNqQXAMCFqTrjxM8egZ3RGX7a/BB+etOtxep3TIMuiCRKnc89HVjJ7AS/H8G3Q30Y/iROk=

GET
H/1.1 200
OK jqplot.canvasOverlay.min.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 14 KB
3 KB 190ms
189ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasOverlay.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4a89d9588799e0cf2c929823609717c593964608447f3307144505d530342a0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:29:01 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:31 GMT
Server: AmazonS3
x-amz-request-id: W2ACHX0Y5F2WNRQS
ETag: "3b7c16ee47e08089c254d2dcc177be70"
x-amz-version-id: VADRCRedFvW6IHYOBIg5ulkEoqq3.Ls7
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3003
x-amz-id-2: HCk7L/hZUT0OzawaIWNu6CRqDXsEcrw6T5FGThgMVb3V7nQwdPSk3KxpmlQviGCZ+sn0dzs2T9o=

GET
H/1.1 200
OK klciside.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/ 4 KB
4 KB 190ms
188ms Script
application/javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/klciside.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79c97d4c0c9a85281c12061d93149696a76eeffdcc1de3475c5c1bfdffb7beb9

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Mon, 23 Nov 2020 05:07:39 GMT
Server: AmazonS3
x-amz-request-id: W2A3XK069KEVHH0W
ETag: "2f73ec58eb2e005dbbe9fead55e75479"
Content-Type: application/javascript
x-amz-version-id: J0lhCdsuzL7N_0K032ZhADQt13sU8bQO
Accept-Ranges: bytes
Content-Length: 3876
x-amz-id-2: UI61AwtYcAvpYmeMYYnNk6RoZM+x2b8C36nUVfMqF/Tur3TMQXsh+aRWYTVWGHqIL3a4nbch1Ak=

GET
H/1.1 200
OK plotchart.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/ 1011 B
1 KB 194ms
193ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/plotchart.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 312ccabde69942b8c1f22893e7a20c9fa6e7af20a95903a8034f19e7b4dddea6

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Tue, 01 Dec 2015 00:02:11 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Mon, 09 Dec 2019 02:07:32 GMT
Server: AmazonS3
x-amz-request-id: W2A80MBH7NYB507M
ETag: "aa287ab2f08a033baff8af19ae083248"
x-amz-version-id: Sasi7caBnHUkVipIaB1Yqe8zKqfENV26
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1011
x-amz-id-2: MsLdHf+nW9SMNFC2sT8kEuWE4GgbTegRzsMoyHVgDbwUHnB/iyBTWOJkC2/Z/lBRxUJc+ebPSS8=

GET
H/1.1 200
OK top15active.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 3 KB
4 KB 193ms
191ms Script
application/js 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15active.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17de993ae7f6c484e295ab7550153b7afdbba8aa93b2b4e92289ac91a69ffd8b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Tue, 29 Jun 2021 11:12:40 GMT
Server: AmazonS3
x-amz-request-id: W2A4F40E9J8S3F7B
ETag: "3d3d64be9c2438962fabe5138c0dbcc7"
x-amz-version-id: c64tcQV405xQ8jvQpp.HqZpC44Kaj6Ju
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 3547
x-amz-id-2: LRx59pI/4L/tR0DI7XLYKNw0uLJHGLKQgxX3tF9/CPpPCFt/Q4aY5YQte8UJTLuKlkPju2ZJXEM=

GET
H/1.1 200
OK sidemarketmovers_v2.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/ 2 KB
3 KB 193ms
192ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/sidemarketmovers_v2.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76ad0e3d81d44aad912b8dd9a1aa81a76e1c5c501ca3a6aba6d7bc520f42240c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 16 Nov 2017 01:53:03 GMT
Date: Tue, 29 Jun 2021 15:43:29 GMT
Last-Modified: Thu, 16 Nov 2017 01:54:12 GMT
Server: AmazonS3
x-amz-request-id: W2A1V916NGJPE7Q5
ETag: "ba9fde07be1f5a2596d0ee536ce41ea7"
x-amz-version-id: tOC78Iou.fgjI1wwRMVtqhJGMVx.oicW
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2101
x-amz-id-2: tAl/AFQLyqfRFtD9eL6194LS6bgVUWtaDR0SBBnUHhkITJmb7FpKUqTcGD0l3tak1SX0aWyJFkQ=

GET
H2 200 interestNewsletter.js Show response
cdn.thestar.com.my/Widgets/newsletter/ 6 KB
2 KB 50ms
38ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Widgets/newsletter/interestNewsletter.js?v=20200902
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baa0892fb63bfb0affd093b3b974ef7f32ff1a8cafee6cae315170577c801b32

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OJhzSb36lv_e2e_eLt.R5ULyfPyIIEoO
content-encoding: gzip
etag: W/"61ac8b26c984038e9df9929cb5c676c4"
last-modified: Mon, 11 Jan 2021 07:11:15 GMT
server: AmazonS3
age: 337
x-amz-meta-cb-modifiedtime: Mon, 11 Jan 2021 07:11:09 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:41:49 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: wzGch565AcXAzKiNbFzNEOBJKEMKDeXOzOiMVKvliKaX2ziE1tJZGA==

GET
H2 200 iprice.min.js Show response
cdn.thestar.com.my/Themes/js/ 3 KB
1 KB 62ms
49ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/iprice.min.js?v=20210224
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 740e76e642e714e163854ee71b809f2d48c201af9dd60b48793c467bae1d3f30

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wqpXp8YGHVaoYdu_rqir8.eZSJTud4zQ
content-encoding: gzip
etag: W/"62162acb2bacfd3939d4c89013792850"
last-modified: Wed, 24 Feb 2021 08:05:53 GMT
server: AmazonS3
age: 1076
x-amz-meta-cb-modifiedtime: Wed, 24 Feb 2021 08:05:02 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:26:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Vua50QHXuXsNB9_3IXEk6-Gdz7uqR7zjgrn7rjMYnLqFnRqZEFGeKw==

GET
H2 200 adframe.js Show response
cdn.thestar.com.my/Themes/js/cXense/ 20 B
372 B 51ms
38ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/cXense/adframe.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 31 Mar 2020 03:00:46 GMT
server: AmazonS3
age: 2403
etag: "4b63ac77cdfef7177c6491be489b65af"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 20
x-amz-cf-id: eRdws0qqPd7-SnX6FKLItP04R8geYsnMPzB39L8AGtMUtRIeUJ1Myg==

GET
H2 200 PaywallBypassBlocker.min.js Show response
cdn.thestar.com.my/Themes/js/cXense/ 2 KB
1 KB 52ms
39ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/cXense/PaywallBypassBlocker.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c34be4417f25834d203def539d55dbbafa3c5228ea573f75f5ed732d0882a4ce

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 09:12:54 GMT
server: AmazonS3
age: 2290
etag: W/"3c634545d455f0caf2404ad403ad5b43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9AgL_VsSsIiB82vc3OjYkJhuaGADILDqAaUHRIDWXCEGlL2qgrvcoQ==

GET
H2 200 global-bar.min.js Show response
cdn.thestar.com.my/GlobalBar/ 2 KB
857 B 53ms
40ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210506
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b91904de21815c30d86842aa2a3722b743699774cfd45b62046da0f403f9d0c8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6JkAzWYgbybGYyE__ZoYSKhnU5azNvRW
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:46:04 GMT
server: AmazonS3
age: 9927
etag: W/"9960b1e24b8174bed155f9c15832e457"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 13:41:00 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FQrhhTZHwYCMjDpAQAh626mnAndGP41MDNnVJKx-9nsVWrRC_rEqcg==

GET
H2 200 bootstrap.min.js Show response
cdn.thestar.com.my/Themes/js/ 36 KB
10 KB 55ms
42ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/bootstrap.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: t4hMdTiZici9FqL_hKTCNOgWrk2xRcD2
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3488
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 3LtWISCURSVxH_0lbkwisnqxXITo0hvfC6rGXqMgBU9OcILbnnzUMw==

GET
H2 200 bookmark.min.js Show response
cdn.thestar.com.my/Themes/js/ 15 KB
3 KB 55ms
43ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/bookmark.min.js?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17939078dad1aa6b6649cc8449e98dc12958cc038904804202d5060cd2dae43

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WKel1EXeVtzrQa915XTShoY69gkXlwUQ
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 09:12:16 GMT
server: AmazonS3
age: 2138
etag: W/"2a8f346ee65ce4f9f6ea03e78b95f9ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: dYsEnuwxzKvGl1ra7vAoyf3XoYhKJJly8AL2V_ukT7W9RX62-nTboQ==

GET
H2 200 loginstatusV2.js Show response
cdn.thestar.com.my/Themes/js/ 6 KB
2 KB 56ms
43ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/loginstatusV2.js?v=20200420
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b61c2c4b07a9ff596ac8fb4ced20988a9de454225943dad54ec3016e4928003d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S_5Wy2QtS9yESUg_t_Txig1hXajjOehE
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 551
etag: W/"bd6868868331c99696757c9430bba64b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: TxhZGxOgyVIQwKYPkz4KVlwtrSv1c7b7IQZq5RcLEJ6bejb1nhkVtQ==

GET
H2 200 rangetouch.js Show response
cdn.thestar.com.my/Components/Audio/ 7 KB
3 KB 56ms
44ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/rangetouch.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SncXBizfzGgqFTTIKV4OY0WbJjbfBIUK
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 03:23:27 GMT
server: AmazonS3
age: 459
etag: W/"3d0c65f1a02e9c37f8151823305fac49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WGWXUuT1PsMJ6aZiEDyMRDS4MUoEkyGkFJGZND8-BH5LKK_ITEveIA==

GET
H2 200 audiov11.js Show response
cdn.thestar.com.my/Components/Audio/ 23 KB
6 KB 57ms
44ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/audiov11.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MyE0S7wRqEofYd4m5t_f9MFpkuZ1q._c
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:31:48 GMT
server: AmazonS3
age: 451
etag: W/"9e21be23ac165d96439e5fa5b53ebbc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: xo1s_ynDy9g6e37uUUE5Lgf9BuhIKODIBo1H9OSVi9ttMuKRPNi0fQ==

GET
H2 200 lazysizes.min.js Show response
cdn.thestar.com.my/Themes/js/ 7 KB
3 KB 57ms
44ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/lazysizes.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ecK.TIVb9okgvRXhj4mOs9F095sYYP3F
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 551
etag: W/"3150bf538edc0788afd7c673a0c5dfee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:35:35 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: TqWl5uL11VFO5XM35DZI4h6SRoPFKwxBOUe9SQdz1cPZuX7qbOaqRA==

GET
H2 200 script.js Show response
www.thestar.com.my/theme_metro/js/ 41 KB
9 KB 63ms
59ms Script
application/javascript 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/js/script.js?v=20210315
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e45a1b7eae1b9be6e2cfebfdc56589d27b528e5a8036825ef29f9ba7b28a0406

Request headers

:path: /theme_metro/js/script.js?v=20210315
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:41:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 01:36:58 GMT
server: nginx
age: 98
etag: W/"5fbdb53a-a4cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
cache-control: max-age=2592000 public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: p2JAAzO-VpmQAF7xm7242ASN0_mMmUPCLsolYD6DFLhn8q46u7bBfA==
expires: Thu, 29 Jul 2021 15:41:49 GMT

GET
H2 200 anno.js Show response
cdn.thestar.com.my/Themes/js/ 29 KB
7 KB 59ms
46ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/anno.js?v=20201130
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OuDkpiwuPGW_Q4zrNCpISbqT1sd95PIt
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 06:39:37 GMT
server: AmazonS3
age: 2290
etag: W/"b879d81b10441b73e051d05ff6f260ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: KoTHRP__cfucSdTly7y525iN7pW7fZ8whcI4tReDe9nGa2ugdxVpwA==

GET
H2 200 anno.css
cdn.thestar.com.my/Themes/css/ 7 KB
2 KB 59ms
47ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/anno.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IYdciccd_JNS28aqgJlMBoSXxrU06r2A
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 03:20:26 GMT
server: AmazonS3
age: 2290
etag: W/"1729e7e979d354b09b68b9ee92c30ed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: guUQG78QKJOsmjO9BEg_URrO9FbXfHQfo1VjckalRE__Vuqp45VwFg==

GET
H2 200 userTour.min.js Show response
cdn.thestar.com.my/Themes/js/ 3 KB
2 KB 60ms
47ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/userTour.min.js?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pkk7sT48scecda5qmWoyb0i.tvcRLuw2
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 05:03:43 GMT
server: AmazonS3
age: 2153
etag: W/"eb2cabf0b74693fdc24dedaf1fd53c9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: oo-aPnLP39Jfi-_h703Jrms_cLEODf0bUtmkR2UyW4SfjGYJtzpKrA==

GET
H2 200 flyin.css
cdn.thestar.com.my/Components/Flyin/ 4 KB
2 KB 60ms
48ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/flyin.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: evw7KHSrtiPtOJ_cB9Mj.lS9SfYJ4IAS
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 03:33:00 GMT
server: AmazonS3
age: 691
etag: W/"cacb78daa8eabcadd3288b939abb913b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: KTQRhPp-dnhVhCat7IE8UjKQdWsVTDYUjSXabRKsKc1eno8V-aAJSA==

GET
H3-29 200 css
fonts.googleapis.com/ 1 KB
395 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

361a7951bfb7edd4aba4a1973917c6ecec44b55d409f85b0a0702098d2598a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 13:57:23 GMT
server: ESF
date: Tue, 29 Jun 2021 15:43:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:43:27 GMT

GET
H2 200 times-solid.png
cdn.thestar.com.my/Themes/img/ 195 B
583 B 76ms
62ms Image
image/png 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/times-solid.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kAFO.STgsqhnKgaHPEgDJWsM6I..4uJG
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 362
etag: "1e6a99b6d4f0f30e2275083e00cc8aad"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 195
x-amz-cf-id: qvOB26kiN8rxzEfRs683DMYuuZyT0-yEfQfh8a7O8Ci5QEalK2Shmg==

GET
H2 200 Flyin_20210318_1.js Show response
cdn.thestar.com.my/Components/Flyin/ 11 KB
4 KB 61ms
49ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/Flyin_20210318_1.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 978b1153b68636a7a174eebaf2eaa694b324794c24b125504d4fe66925d6e453

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: paStmdHs3y5LBSsYHwMQRhv8w6RM2Zxk
content-encoding: gzip
etag: W/"4f184793a238c26f0e6b3b3af6f1a686"
last-modified: Thu, 18 Mar 2021 01:25:27 GMT
server: AmazonS3
age: 628
x-amz-meta-cb-modifiedtime: Thu, 18 Mar 2021 01:24:11 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:38:23 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: cXjMybG-0sMhroogoIcE5RlAF_yztp0nQh6Vwqk2RLLWsPTAEfAM1g==

GET
H/1.1 200
OK smartechclient.js Show response
tw.netcore.co.in/ 640 B
1 KB 51ms
9ms Script
text/javascript 2600:9000:2182:9200:1c:47d:4bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.netcore.co.in/smartechclient.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9200:1c:47d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0da2d59994983f81ec97cf679eca3bb96789a8181530e9d30b661b5f08c40ef8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 11:28:21 GMT
Via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
Last-Modified: Wed, 03 Mar 2021 01:55:18 GMT
Server: AmazonS3
Age: 15418
ETag: "849ba59549fe9eee483237d1148db6b6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 640
X-Amz-Cf-Id: AkfUnalNm3Vfo_BpQDdSnBnee99WTqSGY3KjddeRgUkWIfW42WUegw==

GET
H2 200 article-details.min.js Show response
www.thestar.com.my/theme_metro/widgets/article-details/ 620 B
699 B 61ms
58ms Script
application/javascript 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6df2b3acd9ea4840aae415eff31d7504ffd5cd1735b8cbc0cd7ffc3b3429bbda

Request headers

:path: /theme_metro/widgets/article-details/article-details.min.js
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:41:49 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 06:35:12 GMT
server: nginx
age: 98
etag: W/"5d301320-26c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
cache-control: max-age=2592000 public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: SlV161oBuHo_FZfH7ZdJP3-dwkU-3wgVC4mNhjF1zPEJwRF4REYXkw==
expires: Thu, 29 Jul 2021 15:41:49 GMT

GET
H2 200 responsive.min.css
cdn.thestar.com.my/Themes/css/ 14 KB
4 KB 47ms
39ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/responsive.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a1ac7ba856a43cf71b7cc3657ec9766bf8779d370f2f36b140aa0d3eff755af

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S_B3oJBTQs9EQLENGudTdjShAznEKos3
content-encoding: gzip
etag: W/"6d5c03350c2ef1690958ba685903187f"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 453
x-amz-meta-cb-modifiedtime: Sun, 03 Nov 2019 20:31:38 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:38:24 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Rd0yB_qSnQD9X2nFrShkAw-KOfuk8kVrnYaLDiwbRDDlovUhobTaeQ==

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 248 KB
73 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=9690437165de38a9b56782a85f4722c5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

183711921cebeaa51cde5a5f9db9e150a024e83a939496c2177e5c1fafd06f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.thestar.com.my
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rchLSlFWhmPSIzIManW5Aw==
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Jun 2022 15:40:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74765
x-fb-rlafr: 0
x-fb-debug: vSKDxN/HWPTxz4px489hXx/EwVYFyK4UiNtSugZ5S1PhCpJxIEnucXUkGiEMyQHjOKDpEIdMfqrsw8bQfBE8Uw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: d6068323a109c1c1de4889ba49c43470
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Jun 2021 15:43:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a9a56365be6dbcc5322120f51fe75bc6"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 114 KB
27 KB 45ms
9ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b590356ac85e5d53ac63c56bd0f5d8d7268280224274f441a2f6e3fae78025da

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 08:51:44 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27420
Expires: Tue, 29 Jun 2021 16:43:27 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 46ms
33ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Tue, 29 Jun 2021 16:03:27 GMT

GET
H2 200 NewsStory.js Show response
cdn.thestar.com.my/Themes/js/gpt/ 8 KB
2 KB 48ms
45ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/gpt/NewsStory.js?v=20210510
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 886aeab47a05dea1ac3fcba8e61be0e3a8ce2048a454914b95b1cf1b78566e4c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LECdtAwTCRdHhwP1Yxy5upDHwjDrGJC3
content-encoding: gzip
last-modified: Mon, 10 May 2021 02:57:41 GMT
server: AmazonS3
age: 2037
etag: W/"50aa5e73938c631ac0eb0f660a42bc17"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
date: Tue, 29 Jun 2021 15:19:50 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Pmadl9sPkHK--B_LqgGB98SwOcaIYK9vmyMBCIUT9N4N7YBxz0cA2Q==

GET
H3-29 200 pubads_impl_2021062408.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 52ms
51ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 17:13:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118414
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:27 GMT

GET
H2 200 client.min.js Show response
api.dmcdn.net/pxl/cpe/ 1 KB
1 KB 68ms
19ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0829ac43b09c9a9cfe273be88bf9afaf03db7837cff62366b371938f3dbd93b6

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 21320
x-amz-request-id: 7BDC3BB3869FC32A
x-amz-id-2: IX7KfvC+6G2lgPGIuPvD/sG1LcFeNW7d15YPxJuyoy0eOoezssVwerbEIDE46vmMk7jmFdIyqr0=
last-modified: Mon, 11 Jan 2021 08:50:38 GMT
server: DMS/1.0.42
etag: "449ce35e4e70119dde62d6977e35b103"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
content-length: 737
x-llid: 3352d9e85207f988137bd5cdad584377
expires: Wed, 30 Jun 2021 09:48:07 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/40636b6a623c41a574580c19efa630b6/ 2 KB
1 KB 41ms
8ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/40636b6a623c41a574580c19efa630b6/web_surveys.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f3bded8cbe1db818fa4bb443fb17c438cd2691d5068f2049275fddaa0bdd5863

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:27 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 09:28:37 GMT
server: keycdn-engine
x-amz-request-id: 4DZ5TAW2GRA8ZGV1
x-edge-location: defr
etag: W/"6af92b58e67a378b80dc5262169b0716"
x-cache: HIT
x-amz-version-id: MNnmabpKfh4nEywq2VgOGtHWoDTMYMXn
access-control-allow-origin: *
cache-control: max-age=10
content-type: text/javascript
x-amz-id-2: rSPMuEHdpOSUeth+6i7C7nXu357OZjfHTgofK5iyZopvK/ag65wt1Pe+n/uFK66jqyTBgK5+suM=

GET
H2 200 logo-tsol-full.svg
cdn.thestar.com.my/Themes/img/ 2 KB
2 KB 63ms
62ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/logo-tsol-full.svg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc24e970a499fa71fd78aab5a09370b1021809f75b223ff73cdbc5ccb7366a4d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZB2.WLCHfckzpHruIV3tbVJ5i5eMVE7d
content-encoding: gzip
etag: W/"983d389524dd1f83d822a74af679d9fe"
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2819
x-amz-meta-cb-modifiedtime: Tue, 04 Feb 2020 07:50:39 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:29 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WY-PygnO2EWzp2rKCCXHRDIqTG25T4I0NFyZLDCWlWImXrB_ieYr0Q==

GET
H2 200 tsol-sprites.svg
cdn.thestar.com.my/Themes/img/ 95 KB
26 KB 88ms
76ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/tsol-sprites.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eae04d2bcf8165655a2d164bfaf44ed72b38bef84aefa1f477c273ee3cefced

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210623
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nepKuIFWZLQ.0Tc7GuCPXpFr_VLZlyTX
content-encoding: gzip
etag: W/"f72aac0fbcfab1977790a9027f2fda83"
last-modified: Wed, 02 Jun 2021 06:30:46 GMT
server: AmazonS3
age: 2409
x-amz-meta-cb-modifiedtime: Mon, 31 May 2021 07:35:08 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:25 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: BezE6t2M1GyxF4MiiDjWkq5cE_ktQXliDk7V0hmXCs_o-pdBDD0EDg==

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com.my
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:10:17 GMT
x-content-type-options: nosniff
age: 9190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:10:17 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com.my
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:21:47 GMT
x-content-type-options: nosniff
age: 552100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:21:47 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 113ms
112ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=388467334571811&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9690437165de38a9b56782a85f4722c5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 7XLTOusFKIPRSjiA0XcxLiPVIz1fwC+zUnhdNpZEOdMwawGvSuG/b49krZWrHWaFddua/oi/UquNgZn7Y3oZMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Jun 2021 15:43:28 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 430ms
108ms Script
application/javascript 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00a149fe9401c432f57edaa96ee66b065d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:28 GMT
content-encoding: gzip
X-TraceId: 81c1e00a58c03ed220e249c708f927b1
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 430ms
107ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&optOut=false&bust=0078131245304222
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:28 GMT
Cache-Control: no-cache
X-TraceId: f96c3fb4c951d71ac6dda307cddfc5d3
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 77 B
694 B 114ms
39ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkqi7z3158cvsf7gs&persisted=ec30973424ff3948df3ac1b786e3d43d71aa5a89&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kqi7z30oj2ens4gn%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

bef7f973a45e29ad4a34e06a696981dc926ab5385b05041e672fdc79502b757c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:28 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Topicbar.txt Show response
cdn.thestar.com.my/Components/TopicBar/ 3 KB
1 KB 154ms
77ms XHR
text/plain 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/TopicBar/Topicbar.txt?v=1624981408737
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6885d7d4425e00df32125bd104f6f1a6229063efee110537165f93f1a867ec7f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YvKwCcCCBIZ.pCf7_Db5NTsWhruYF.D0
content-encoding: gzip
etag: W/"a7d0c5ba85c69d00d0c0569e122ec2ed"
age: 217
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 15:06:09 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 15:41:11 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: text/plain
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=180
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: eVJKmcvY5m7MoqPMl-RdPONq0eNn4HMzMZDSOzJVk3EsNyPNnlFp2A==

GET
H3-29 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com.my
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 00:59:47 GMT
x-content-type-options: nosniff
age: 571421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 00:59:47 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 100ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:28 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43670
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
822 B 118ms
38ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ac6128bd87a25464c7f2e98b3bd4e4f5113bd17bdf989838ef91749c3d8c537a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:28 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8be03db4-b76e-448d-8cd2-78b6bc93eb7b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn.thestar.com.my/Themes/fonts/ 75 KB
76 KB 47ms
39ms Font
binary/octet-stream 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.thestar.com.my
Referer: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZzJSZtVVrlqTf6sRJI1XVNyPPupEdB22
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 395
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 77160
last-modified: Thu, 01 Oct 2020 02:18:02 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 15:41:50 GMT
vary: Origin
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=606000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Pm8Ajx7MnMJxHCWTSqwDfyDVbYUqm_n_HZ56LzjcBkRrfARpMZCDfA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 511 B
277 B 221ms
220ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=2806185739541370&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_STO&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie_enabled=1&bc=31&abxe=1&lmt=1624981408&dt=1624981408882&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=278&adys=447&adks=239678309&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1620x25&msz=0x0&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8f09368ca475a92ad921eb984ebce7ad6189907ba48b0425d66388ab8f35a686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06FB 6 KB
3 KB 49ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:43:28 GMT
expires: Wed, 29 Jun 2022 15:43:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 77ms
75ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=220521244170757&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_AdRefresh&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie_enabled=1&bc=31&abxe=1&lmt=1624981408&dt=1624981408892&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=172&adks=1690029205&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1620x1&msz=1x-1&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b063d453ff171405d7cfa9085bbe06db2a3583d1ce238d63d05ef3dbdb80bd94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4222
x-xss-protection: 0
google-lineitem-id: 5621370612
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339998619
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com.my
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135608
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:11:22 GMT

GET
H3-29 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v17/ 24 KB
24 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com.my
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:35:00 GMT
x-content-type-options: nosniff
age: 529708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:35:00 GMT

GET
H2 200 tsol-default-image2017.png
cdn.thestar.com.my/Themes/img/ 6 KB
7 KB 36ms
35ms Image
image/png 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/tsol-default-image2017.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be20d3ed7bdef0c2f7fa9c3da50988bb1ae4c5aa7495bafa13f72b4cd487f35f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RCRcVtVZ9_oPQK7WY22HSnqO5is_qVf6
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: "4ebc3a7f3379462dc5b4939706877446"
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2038
x-amz-meta-cb-modifiedtime: Tue, 04 Feb 2020 07:44:13 GMT
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:19:30 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 6282
x-amz-cf-id: IBaN0TUUW7Y-8ADJ78dzVx5tsLLPYoIivuIbAXbfhhiD4lDPYPfVOA==

GET
H2 200 1202747.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 8 KB
8 KB 42ms
41ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202747.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10fa0c0a0120a9b67837bdd4cdb5c91e4e7e46f6ac7596fae74c7d6e4171db7

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:48 GMT
server: AmazonS3
age: 918
etag: "a0d76d696ed7f80d78cbba747a34c19a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 8161
x-amz-cf-id: HwaowMFx4oI_7-SPIopJNmqcF1F_YYeriqG96E6HU3Ta1XdF6aj7PQ==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 639ms
638ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=3056117009275474&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_ATF%2CDesktop_TSOL_News_SP_ATF_Megalead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x90%7C970x250&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie_enabled=1&bc=31&abxe=1&lmt=1624981408&dt=1624981408996&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=167&adks=2910908103&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

419b533bb371a333bf125e39bb9d80690d434a10be5e6b632b2008e4199d48c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4833
x-xss-protection: 0
google-lineitem-id: 5401583275
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317213737
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1202643.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 7 KB
7 KB 40ms
39ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202643.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef7bf216399985de78bfb9528b410f92e86ade9a8cc22641a57a17c735b3503

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:16:42 GMT
server: AmazonS3
age: 1033
etag: "210183a4b8503562a3c0aca20353d2b7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:01 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 6934
x-amz-cf-id: -rDy8jepnwCc-0glTxGCD398pFwddsIMjs9Yxv82s1Z7Tu40JxQDng==

GET
H2 200 1202636.JPG
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 5 KB
5 KB 42ms
41ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202636.JPG
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1cd164af924c2c5383c9ce1e6f1c155d0c1021551ebdd028801f4f6786d7a0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 13:56:57 GMT
server: AmazonS3
age: 101
etag: "7aacb964bc7729a8651e9d69bd98ba6b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:50 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5174
x-amz-cf-id: nSMjdIhGk8H1X0qWOqzwiAu-RsDWV7AlpD-E8NOmtzFNuARMisKukw==

GET
H2 200 1202623.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 10 KB
11 KB 45ms
44ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202623.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 344cd10a06733c3ecc05667714a33af546823785f2231c58de69e56d3e69e9f8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 13:39:10 GMT
server: AmazonS3
age: 606
etag: "0ff228a5f7b889e65471e567e31ba109"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 10707
x-amz-cf-id: fUvEL5vZLUW_tT6kEwHCwYak71HB1ldR6ybCVQ1BwEa1LHgjxTlTgQ==

GET
H2 200 1202619.jpeg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 5 KB
6 KB 46ms
45ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202619.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9249d94e3179f81697b30e5851f1b6d09824219176fd797387011cdbea7d955

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 13:30:20 GMT
server: AmazonS3
age: 1061
etag: "1de1f973604471d0a5c479424c022162"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5319
x-amz-cf-id: nyWgpvRdN8kwz05cUa4AkOjehiBr6ipBm7Tk8dHHJAeFr8eSzcgBNA==

GET
H2 200 1202617.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 5 KB
5 KB 80ms
79ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202617.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e17e0c0cc181ab4a29d6a197e46acb8ad3a43b322df55cce134077b7a41a2400

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 13:16:57 GMT
server: AmazonS3
age: 640
etag: "81de62b9f13ee32c6391ba38ed1e1f35"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4864
x-amz-cf-id: NXoGUH7sU3k53Mb3SeoGCNLXO467fAhqSRU-U29jDWsB_bN77sJKbA==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A58 0
0 73ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBpDNhNpMb36Hi_Bkh7z6G6WxTxNRc_VKM4wqyo__MzWjEVGErudBhzXeqSbTZIDUmEvG6sEsw5UVPDidzaCQK_AuH9tAl_8xkHSDz9DNgDGy_CA_LtgnNI8oAvS6YE8NK_aW-Aak_XQDVzMoGgaeMSQvCyBjlXDs_LwlCj81kwyThuU9v3Ch9RPGiRdIjCa1mYnCHmvbiJ0FLZKPclNK_r8NkMWrm8vrPXIgaTI_iFI-l-CINCE1ndNKA85VjTljyFGvrz7pV7XNGf3qOEGbcsB3ESPeRHPzRKuWC9KIRhcnHu5x7yhdOgubmXaY8aPbntUuRCF7CvvIvZFk_tuFgBBG2eIP0MkDEWRbI6XIbIHI&sig=Cg0ArKJSzFl6bdq6KP64EAE&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9A58 68 KB
24 KB 44ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

fcde9d2b057fa20a1de9e117ff72b96dc112bf94956c0a3953e2ddffea4af595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "915 / 961 of 1000 / last-modified: 1624965047"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24253
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A58 125 KB
38 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 1202614.jpeg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 6 KB
6 KB 39ms
39ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202614.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84b73a2c423d73b7d75c0302c8448ce4a79f6a36380c35d09b24e53367acd36d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 13:11:45 GMT
server: AmazonS3
age: 640
etag: "e4a3921823c5bd964ad91c41803e5c5a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5994
x-amz-cf-id: QECIKTH5bTmRTxl3JN_j7ANvLn6iEt-FI97Txhjw3qlGL7mVJJq-dw==

GET
H2 200 1202607.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 8 KB
8 KB 42ms
42ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202607.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91d2b343fbb791bf22ba3dc57107ab7a31fc3c8ed6fe5a62ade38ad382a204c3

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 12:49:31 GMT
server: AmazonS3
age: 382
etag: "b3f67b94124b750194a6b1ba543dd2fc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:37:07 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 7704
x-amz-cf-id: 0mFmj9rY5vdZEikcDrMoWRvh5fhRrubEnqWRXKVWp8xs9a18NtGPWg==

GET
H2 200 1202551.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 7 KB
7 KB 49ms
45ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202551.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d62caafa10ce1224e042adf29454f089e60bf224213f191c1cd701a9ca79756

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 11:55:05 GMT
server: AmazonS3
age: 615
etag: "854b9cdd0a20f9b46849dc7494af8bcf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 7094
x-amz-cf-id: oxTAgpBc4GaURG1bP4UQncA8XDGkMo6K8-h_MyfN2mOAOurT9FzSXg==

GET
H2 200 1202566.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 7 KB
7 KB 48ms
45ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202566.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 492fa30e41a85afbba06bde26c241268e4740b5499ebe18dbe812871a0316d28

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 12:15:01 GMT
server: AmazonS3
age: 1145
etag: "1afca76d0dc48b946452f9dafeb2e1e7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:35:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 7146
x-amz-cf-id: ddftdEF6vMNGphr2K4SYHaNUXaPH5uFsnW8PteCbOlqbz4bsSnCDcg==

GET
H2 200 1202553.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 8 KB
8 KB 851ms
849ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202553.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 874e0a7177c56575e987e0a037238d55b9a811ad6718664eeba3bdf5cecfacc3

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 11:58:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "1d0431683862664c6222365c921783de"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:43:30 GMT
accept-ranges: bytes
content-length: 8148
x-amz-cf-id: iQgvEnYB1LhQXG0HPBbGy8QNk7_uqunfQXDZmQy5e1D0vsMntysOqw==

GET
H2 200 1202595.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 6 KB
6 KB 41ms
39ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202595.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 471af9806275492b4d310d0433d4bb8cc26288a126f8f71991b51b6550427a43

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 12:31:24 GMT
server: AmazonS3
age: 833
etag: "535d7967240e53e12859919a1d2b452b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 6146
x-amz-cf-id: JviExl3pwRKEspXmsCQs5yheuGSHGPWpkiK9-xh88re9Rs9_crVEsQ==

GET
H2 200 1202600.jpeg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 12 KB
12 KB 44ms
43ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202600.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0967fae34ab9c044f6b304086b46661ad5d9a1f96069a0a300e41a964e6bc82a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 12:39:13 GMT
server: AmazonS3
age: 833
etag: "e6da42253cb28c457391b0bb2be874a1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:36 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 12210
x-amz-cf-id: 3kx92LeMSTpXMeKfHpMjkn4r2kNvPZpaQTUNWA-KL1PVcBF7FkDUqw==

GET
H2 200 1194753.jpg
apicms.thestar.com.my/uploads/images/2021/06/23/thumbs/small/ 11 KB
12 KB 54ms
52ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/23/thumbs/small/1194753.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baf7a6145f5eeb554ec0783bb7386519828999269506e1d2e2a469800330a738

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 05:46:04 GMT
server: AmazonS3
age: 142
etag: "dd53c4ef6789722df95f2ec64217acb3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:50 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 11450
x-amz-cf-id: 4U9ez8pcAEoj75pp5ObHaa0jJt0CLB0KCy4C5w6nhZtI8qCa1SDhXQ==

GET
H2 200 1201969.JPG
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 7 KB
7 KB 48ms
46ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1201969.JPG
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a2acb826875848ad766b684077ac2e25b9edeb41a33b22412b6453eb4fbb816

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 04:50:40 GMT
server: AmazonS3
age: 1018
etag: "22565d3934e2a9eb4b5dc9ce36e352a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:01 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 6886
x-amz-cf-id: yjdnKX6W5EY-sCvSrRpiL0MZOghHZuwyJNpaus-ipIw5U4vixBTbOw==

GET
H2 200 1200384.jpg
apicms.thestar.com.my/uploads/images/2021/06/28/thumbs/small/ 10 KB
11 KB 48ms
46ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/28/thumbs/small/1200384.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 993664af9855090f1006a94eca142b31a892b8d402277dc787e33ba2c3250741

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 02:09:03 GMT
server: AmazonS3
age: 181
etag: "0578bf9410359551bad8ec3270d1c9cc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:50 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 10699
x-amz-cf-id: GjWmQCC4UEksffvYxlPWughEr3g-JhBeTHlpoRrCaK1_HZ_ShwBHcQ==

GET
H2 200 1202463.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 10 KB
11 KB 65ms
63ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202463.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a87f288ba02efbf19b36db79d6e0bbaf191bbe49ff6035e887ddf70dfea471

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 10:31:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "8630fa1f22baf6f956610a62079d729b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:43:29 GMT
accept-ranges: bytes
content-length: 10543
x-amz-cf-id: 7qLpEwBAIfRzE1bztAoLabjQ-ZxunKA386w3iXxT6ZoDea42F7GySw==

GET
H2 200 1202002.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 8 KB
9 KB 62ms
60ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202002.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a942dfa8078cf39d86d2dc22d73314f67ad588b7a49bf18710139cdf4925c7d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 05:37:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "657ae906b629095151a2091150faabb2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:43:29 GMT
accept-ranges: bytes
content-length: 8679
x-amz-cf-id: 3lpKCOuC6YMFOz3kUKQafKOXci8xb7Emk6D2G1kJl1WfSIiKZfbRvg==

GET
H2 200 1201789.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 7 KB
7 KB 66ms
65ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1201789.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 402825f6b0ae069c50019632d038f630e62a2b4811d9166ed9fb53e02203e562

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 03:00:36 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "dcc35c4da9a8b087eb07e4dea4263e33"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:43:29 GMT
accept-ranges: bytes
content-length: 6880
x-amz-cf-id: sV3Zw30WsNGIRLkESWgQi7OhkpiBvL3ZcuwxIbPcgZm70pNr8-_Kiw==

GET
H2 200 play-icon.png
www.thestar.com.my/theme_metro/images/ 835 B
1 KB 241ms
240ms Image
image/png 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com.my/theme_metro/images/play-icon.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ba00577dd09005be874a620fec2c0c9bef0a72ccf4ae82337f8fbb1de0a7ac

Request headers

:path: /theme_metro/images/play-icon.png
pragma: no-cache
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D; cX_P=kqi7z30oj2ens4gn; outbrain_cid_fetch=true; __gads=ID=b6c4d75303e0640a:T=1624981408:S=ALNI_Mbl7aTU-5qdrrNC2SQPNdbdBQFBkQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Jun 2021 15:43:29 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 06:35:12 GMT
server: nginx
x-amz-cf-pop: AMS1-C1
etag: "5d301320-343"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 835
x-amz-cf-id: kVRf3bTW-HW-cVbxzW9FozxPpFYkoiqKKHp4xbu4Mdw_Q_mF6ZFOTg==
expires: Thu, 29 Jul 2021 15:43:29 GMT

GET
H2 200 1202351.JPG
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/ 12 KB
13 KB 51ms
50ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/small/1202351.JPG
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 809b0197303aa2ec9b7d6da9e542c375bff5888eacc0b93d7c8c2c0a516cbe8a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 09:07:17 GMT
server: AmazonS3
age: 456
etag: "5ab58521cef27162b6b685f655b2381c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:41:50 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 12525
x-amz-cf-id: qBH4KQ1lZyZqsfk7Ou3CgVGK25Ns_MUrT2fjF_g76jQlSdbEYlpqjg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
822 B 37ms
37ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f15d1a62eb28785496cffe59def46a5ac0f1806620b9fa9763fe6b8e84aae5df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c7f162b8-b92a-46a8-a88a-db3f22bf3544
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
821 B 72ms
38ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c84489c6c8af255c933de67b6543e64f0f84a6e402927cd18ae4673ce21ac5c2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e0211bbb-7d89-4712-9132-31333002607c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
822 B 109ms
38ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e4d7cb2915ec1123980c3fd13b49b854cd1886503bd2697123bb1b2eabfa31c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9690d90c-f7ec-4fc0-ad4e-354ad8f5a47c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
823 B 119ms
47ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

21f1f7c23282d4a168489ce581cc7ab880a9ef5422be7894f9798d3661a6b337

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f10b7688-02b9-4f32-b384-5ee781fccd30
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
21ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 73ms
72ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=556760762769106&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_Slider&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie=ID%3Db6c4d75303e0640a%3AT%3D1624981408%3AS%3DALNI_Mbl7aTU-5qdrrNC2SQPNdbdBQFBkQ&bc=31&abxe=1&lmt=1624981409&dt=1624981409148&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=180&adys=2266&adks=1323336025&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=840x2049&msz=820x0&psts=AGkb-H92qF0FZUtFzPRGkVsUE4t_ZFPvl-O2WDav_ccwRmlaLFQdTHhAsVrTKK3I5x3zbD1XEYvl4kVADqQVLoFSgB1MzWdaPjP1e7uQiNvOC2KK&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8194037ab81043c772ded558d7373b06f745c5195b122b94690c753b9b7ff93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4117
x-xss-protection: 0
google-lineitem-id: 5529441009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345474143
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7ECD 416 B
798 B 32ms
32ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1624202906.691501"
last-modified: Sun, 20 Jun 2021 13:23:02 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Tue, 29 Jun 2021 15:43:29 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624981409~rv=56~id=63d151ca300aafa2fa4ab5a4e23e523f; path=/; Expires=Tue, 29 Jun 2021 15:43:29 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LnRoZXN0YXIuY29tLm15 Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 139ms
75ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnRoZXN0YXIuY29tLm15
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16002
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 9e658aaa6c911af98f97e47445d96089
Content-Length: 16
Expires: Tue, 29 Jun 2021 20:10:11 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 34ms
32ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.2906477222462995
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 29 Jul 2021 15:43:29 GMT

GET
H2 200 Branded.txt Show response
cdn.thestar.com.my/Components/Branded/ 7 KB
2 KB 45ms
44ms XHR
text/plain 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Branded/Branded.txt?v=1624981409203
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5faece53401bc7eb08a79943ce2bef292d00a00777dad0e5b618525254342a16

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: m147VykuYiugQJMyXEQOU8xud4f2OiAd
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 15:34:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"f48774eea73f1efe321da630b7374129"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:29 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 78tDViAz0ld8R9gNVOYMbJOqjP7Aazlf2ncjVHfRz1gLl9VfT8F-wA==
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)

GET
H2 200 loading.gif
cdn.thestar.com.my/Themes/img/ 2 KB
3 KB 35ms
35ms Image
image/gif 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/loading.gif
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eba3a9df23af26c6d75b298846b3f2163d63b1df3d611976bb7e122a52a3148f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xRJEYV6_wc4C_AlOpixHYaiHp1QK2B60
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: "67eb63b57910a3c89f76495f47a45f9f"
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 1079
x-amz-meta-cb-modifiedtime: Tue, 01 Mar 2016 08:40:05 GMT
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:26:27 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 2536
x-amz-cf-id: syHShrUVN6cecdyQDNBDcEFu4DT9qAxH5CX6FDzzG8nkKl7Gk9LxrA==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 497ms
496ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=269867139115840&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_BTF%2CDesktop_TSOL_News_SP_BTF_Lead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie=ID%3D8dd9abb74a01f654%3AT%3D1624981408%3AS%3DALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A&bc=31&abxe=1&lmt=1624981409&dt=1624981409222&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=226&adys=2251&adks=63714341&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H92qF0FZUtFzPRGkVsUE4t_ZFPvl-O2WDav_ccwRmlaLFQdTHhAsVrTKK3I5x3zbD1XEYvl4kVADqQVLoFSgB1MzWdaPjP1e7uQiNvOC2KK&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

31ca908152e6077fa84e863b4371ff6e3f0e43635cb7dc47e97191e22dd4acd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8607
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 560ms
555ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=617742612194921&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_News%2CResponsive_TSOL_News_SP_ATF%2CResponsive_TSOL_News_SP_ATF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie=ID%3D8dd9abb74a01f654%3AT%3D1624981408%3AS%3DALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A&bc=31&abxe=1&lmt=1624981409&dt=1624981409249&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=241&adks=2166171109&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H92qF0FZUtFzPRGkVsUE4t_ZFPvl-O2WDav_ccwRmlaLFQdTHhAsVrTKK3I5x3zbD1XEYvl4kVADqQVLoFSgB1MzWdaPjP1e7uQiNvOC2KK&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=420&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0bf8a0d749a528cc29ce62e8a01a571d2925dcc9b0bf688ea1bad39a10d66cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11345
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set subscription_footer.aspx Show response
sites.thestar.com.my/tsolnewsletter/ Frame 808B 3 KB
3 KB 730ms
182ms Document
text/html 13.228.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 6dd5151562c6ba082554127a6f50012bcd3131c3e2ab2aa5726067e130a080f6

Request headers

Host: sites.thestar.com.my
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: cX_P=kqi7z30oj2ens4gn; __gads=ID=8dd9abb74a01f654:T=1624981408:S=ALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

Cache-Control: private
Content-Length: 3062
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ezsizaruzz4inirvygtu0oor; path=/; HttpOnly; SameSite=Lax
Date: Tue, 29 Jun 2021 15:43:47 GMT

GET
DATA 200
OK truncated
/ Frame 9A58 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc213bade307db84bdce0d1e4a381caeb1b2a6208361066bf9785786ea9ea858

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E58E 0
0 74ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWBOwYdO7P43mZiK7QQJI7167vAlSnPIrPoCPPG33NSi08fIs2ZLC5E4xatKod9UGf85jNgM-F-uAi6EHb1dXpRfCShRAz1k31y0g_517771iUMHvP0OvTclQGfq0STpabL-3KWHyCw6ZJT7icgkQ4-H-71QgDWdhuwTpahqQN7YXq7bmgxKS9ZwOhdOYPFXNEfqgjUceXrOc_SdTNR4UGxX3RUzK7HVgbl9duNEvF_KVY1k0yRg-m8G4v-NRmiIHeXgddDjBjuHtwHYglTVzDE_V8M13K_-Mb_AfS75NBph1_qgQSahD1JW7gRQqMRxc28XzV9kanhlgYe-2P-9FxoctXmwaeGvNx0RC_n1S_pnIARSn4NPcC1M_Fp--3ZaHhrFK-Gqw8mLNabiC9lAFTAAhqbewtJh6j9LiT5Sae&sig=Cg0ArKJSzAr_H6CmMnd3EAE&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK thestar_11272.js Show response
ads.vidoomy.com/ Frame E58E 4 KB
5 KB 408ms
140ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/thestar_11272.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: d5b38208aa9fad84fdab635f8d7b644455337ecca957b55f5e959c5219bdec72

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4402

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E58E 125 KB
38 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 644ms
642ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=1249559230482981&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_News%2CResponsive_TSOL_News_SP_BTF%2CResponsive_TSOL_News_SP_BTF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie=ID%3D8dd9abb74a01f654%3AT%3D1624981408%3AS%3DALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A&bc=31&abxe=1&lmt=1624981409&dt=1624981409345&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=1035&adys=1462&adks=63327834&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x0&msz=370x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9fjDBFYDgX8midsmia6e8bUbcX0jXmF-EUrdPK13SlyEDfP4TRBLXpe7hOd32_VjD3Yo6cqFq0Av1QXnqUPOHcTnmc3QP1cjLjKT2tDzp_Gw%2CAGkb-H92qF0FZUtFzPRGkVsUE4t_ZFPvl-O2WDav_ccwRmlaLFQdTHhAsVrTKK3I5x3zbD1XEYvl4kVADqQVLoFSgB1MzWdaPjP1e7uQiNvOC2KK&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=4&ohw=420&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a74455519d243dd6f23e2fdd00aa4f74e5631686ea52144928b1c853e746fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 82ms
82ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4387599141882494&correlator=3515100326997857&output=ldjh&impl=fifs&eid=31061663%2C31061729%2C31061180%2C31061661&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_OSV&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DMAHB%252CKLIA%252CKLIA2%252CCOVID-19%2520screening%2520facility%252Cterminals&cookie=ID%3D8dd9abb74a01f654%3AT%3D1624981408%3AS%3DALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A&bc=31&abxe=1&lmt=1624981409&dt=1624981409356&dlt=1624981407493&idt=475&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4031814106&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9fjDBFYDgX8midsmia6e8bUbcX0jXmF-EUrdPK13SlyEDfP4TRBLXpe7hOd32_VjD3Yo6cqFq0Av1QXnqUPOHcTnmc3QP1cjLjKT2tDzp_Gw%2CAGkb-H92qF0FZUtFzPRGkVsUE4t_ZFPvl-O2WDav_ccwRmlaLFQdTHhAsVrTKK3I5x3zbD1XEYvl4kVADqQVLoFSgB1MzWdaPjP1e7uQiNvOC2KK&ga_vid=989508219.1624981409&ga_sid=1624981409&ga_hid=98582532&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b9b549848c0bfbe2cc510d96f5d9ee6ebf61bec55c6764677f99b5927eada175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4167
x-xss-protection: 0
google-lineitem-id: 5077360768
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326851841
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1197520.jpg
apicms.thestar.com.my/uploads/images/2021/06/25/thumbs/large/ 16 KB
17 KB 41ms
39ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/25/thumbs/large/1197520.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b54dea8e88cb52261213c4d12ebf96486e9518cdf8525fe0cb55720a1fc2ee0f

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 04:12:47 GMT
server: AmazonS3
age: 979
etag: "82e1fdfe991a3b24909e7a1f7e7a1963"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:01 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 16884
x-amz-cf-id: SZmZMAne8RBaRUgibTVzxejoSN3kzot6UfPtYr_leUV8ieG8hnxG-g==

GET
H2 200 1192233.jpg
apicms.thestar.com.my/uploads/images/2021/06/21/thumbs/large/ 60 KB
61 KB 73ms
72ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/21/thumbs/large/1192233.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25bd9a64f65e892ff8ac4fcc456dff5954f8a6969a3846ba4ba5903969ca4b17

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 07:20:30 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "a53fdeeb1f4d9ff8c2f6891277ec37ce"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:43:29 GMT
accept-ranges: bytes
content-length: 61543
x-amz-cf-id: 10xbtraoAgcBuvQ0uXdTdL9LeRNkEXCRzJjsh8P3YoIVZzq9P69WTA==

GET
H2 200 1202254.jpg
apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/large/ 46 KB
47 KB 42ms
40ms Image
image/jpeg 65.9.77.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/06/29/thumbs/large/1202254.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a927612f872903b465073ee5fcc41823bc80bc85b2724d223f48fb6c23435882

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 08:21:19 GMT
server: AmazonS3
age: 1037
etag: "0d37eb5155662b48d3c3962e7622d3eb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Tue, 29 Jun 2021 15:30:01 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 47571
x-amz-cf-id: Or4ioNiBrfhkZXcxo96yHTht9ds1HO4Oo1w6mGPFle2yGosmSRSHbA==

GET
H3-29 200 pubads_impl_2021062408.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9A58 332 KB
116 KB 56ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 17:13:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118414
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 home-grey.svg
cdn.thestar.com.my/Themes/img/ 1 KB
951 B 35ms
34ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/home-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iKT.5yejZvc4POdV8Tabe7aj6JXaFYKH
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2953
etag: W/"2f089abb1a815b7573aee61676ce494a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:33 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: exXLEcn1ZMpM4QSCo8QgVYAcFoWB5vGQOk_bNVbUmdI1UiU1s83fgA==

GET
H2 200 for-you-grey.svg
cdn.thestar.com.my/Themes/img/ 3 KB
1 KB 36ms
34ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/for-you-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: w7MOlogLTHynNMKz5HAzX7B5N2iAIrp0
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 3014
etag: W/"022db165b3c8a0fd90abf412efca1e65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:56:33 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QfN8ypq2UHyXKai0HQyXnJDTb8TrQKIAFNMBA02pQh9l_8LaqkoHQw==

GET
H2 200 bookmark-grey.svg
cdn.thestar.com.my/Themes/img/ 430 B
821 B 37ms
36ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/bookmark-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pAG2hmmE51fnq5Xp99Cla7Tf29NT6Exq
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 3483
etag: "bce4e380fa2100c507926b4c875ef156"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:15 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 430
x-amz-cf-id: tgi41GJ_kz01JNOCjQWITXnP96KzHhblk7ygMoLrFZaH2i4hD4TVWQ==

GET
H2 200 podcast-icon-grey.svg
cdn.thestar.com.my/Themes/img/ 1 KB
914 B 38ms
37ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/podcast-icon-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lRDIEQegUr9xjkZKhFx9S7_qrf4WmSsn
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2147
etag: W/"cc05c46b7da9dbf62a65266a55f0476a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:10:27 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Se2EXITKrpMcSMsbTZtKCddL6OpY1hVknpqlkSu00sc-J4ryLcgTOQ==

GET
H2 200 search-grey.svg
cdn.thestar.com.my/Themes/img/ 882 B
1 KB 38ms
37ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/search-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AuwJ7QRx8vivVMdQpCg5ZY2WKboXLadY
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 1121
etag: "471e3523d499fc268cdd78c32c7b4cf9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:26:27 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 882
x-amz-cf-id: inZM9rgkaLvEzRW0bFXgfNWkuyQcl4P8N_UPZI4-ywVTefNXMsVX2Q==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 482ms
111ms XHR
application/json 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1624981409422&sessionId=b0595848-bac2-5d0d-839d-61b046b81392&url=www.thestar.com.my&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:29 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5bdccb42f33f29c5b0cd7a3cac3a49be
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 23 KB
6 KB 32ms
10ms XHR
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f70139c0137ae9d1210dbc3959d35ca70e04f5d5aa5072c8cc4215a993984507

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 16:40:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5995
Expires: Tue, 29 Jun 2021 16:43:29 GMT

GET
H2 200 config.min.js Show response
cdn.thestar.com.my/GlobalBar/ 14 KB
1 KB 41ms
37ms Script
application/javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/config.min.js?v=20210506
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f99fdcb7eda8ca60a3ca72b632d7be058f450e2fa24547fe374eb8a3cc243de4

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 18:28:45 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:37:45 GMT
server: AmazonS3
age: 76485
etag: W/"0c9ae0d6d449e5c2fc624262c5b3073a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rLBea.FdHjwJ0.UfduOL_Nb2kQrqrHWW
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: kagJmH6AMjtVBP2ParvaFbfILJ2OrvFd71gCnL1vagvB3x4pUao3jg==

GET
H2 200 bar.min.js Show response
cdn.thestar.com.my/GlobalBar/ 18 KB
3 KB 41ms
37ms Script
application/x-javascript 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/bar.min.js?v=20200703
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47269f8f454fbfd295cbae0bc19f51ba58c6a1511f4f7265f273b2fd912484f3

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fb003RZ_zGqi_3Iz5DBNjpr3fqYvMiS4
content-encoding: gzip
etag: W/"6df4e7b47257b431d12ae501b0983903"
last-modified: Thu, 01 Oct 2020 02:32:16 GMT
server: AmazonS3
age: 595579
x-amz-meta-cb-modifiedtime: Wed, 04 Mar 2020 09:39:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 22 Jun 2021 18:17:11 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: YMwnb9aKQH1o5fpi2nR83lUy2gvJih3n4lNApo_tKQS9_Lx2SSnJIA==

GET
DATA 200
OK truncated
/ Frame E58E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f2b19ef241fcb18eca3640ecbf0e3a93a4784d47bd7467c6fed094ea36dece

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86A9 0
0 83ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtJW0-8mYV3YYuJ5HXPQL3CZWmMPQRpHhQ_LtYpn6tFg9E1t15Qyt9gfIEmgtGd5AumiP8AnlgnVnHHmQxKY6jAc8so1sX9Mfej971kT9qoJyrZr4yYv4Q7qVC98V_de4IJpfqStwuVIbJibxgcTtrG9sBT2akAqwCNmDFpjVXZjsufzFKND6-E0LGD70sJOl7GCjzHzInJWLxmq0k3rWqvzWkx1WY95TsKLj9lL1Ft5b4Qgpq9D9Df8XN7UUS7GmiFQviymh83xIHNqPKBD_7yVDBfRlqcg9l3ZZ3pGrALn9ghqnzAVbEJwuC2Lp0NhON16J_uAHLrwelC241ffPO10SA2m67VE3Uyrd7aOKA9BQzM9uTFEEBYziLT5-kMxH8PN_ixl26_lDJBLTeDqCcvyEnDGDxrxuA8Jwo&sig=Cg0ArKJSzP-Dhb2N16K-EAE&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ Frame 86A9 8 KB
3 KB 122ms
36ms Script
application/javascript 65.9.79.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c727e92dc22defd55f6a1d7b931f568fd18f3e533e8e749c62aaf3a68dd3a38

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:42:09 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Tue, 06 Jun 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Mon, 07 Jun 2021 12:33:13 GMT
server: AmazonS3
age: 81
etag: W/"c7b6d3c8d00370a7ba805bd432e5d00a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 42qj2d8FVKe_ox8Ke51xZAWMPHu93EfLJ4R6T3Ym7xj3e51KP6D2qQ==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86A9 125 KB
38 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7ECD 610 B
992 B 36ms
35ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1624202907.391908"
last-modified: Sun, 20 Jun 2021 13:23:02 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Tue, 29 Jun 2021 15:43:29 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624981409~rv=9~id=b0f5815c8d334fd8cd25d21e5d2a83f7; path=/; Expires=Tue, 29 Jun 2021 15:43:29 GMT; Secure; SameSite=None

GET
H2 200 get Show response
odb.outbrain.com/utils/ 40 KB
14 KB 404ms
339ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&idx=0&rand=95915&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=180&py=2285&vpd=1085&cw=820&ts=1624981409555&settings=true&recs=true&version=2000372&sig=OAzWV20A&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf49b06d019a2575d5f3c260cd8557ccc1b4aecddbfd05a0ab3acf708ce601f8

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.45
x-cache-hits: 0, 0
x-traceid: 67a321b4c10164d7d8c31aa608748811
content-encoding: gzip
content-length: 14098
x-served-by: cache-lga21945-LGA, cache-hhn4041-HHN
x-timer: S1624981410.637996,VS0,VE309
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9A58 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9A58 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9A58 117 KB
16 KB 82ms
81ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1178920746484870&correlator=4338065293262494&output=ldjh&impl=fif&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21863666334%2C358804_thestar_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D8dd9abb74a01f654%3AT%3D1624981408%3AS%3DALNI_MZtr_Zrc9Urbd-pJCYeKR239UMT-A&cdm=www.thestar.com.my&bc=31&abxe=1&lmt=1624981409&dt=1624981409641&dlt=1624981409042&idt=553&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=0&adys=191&adks=3377693787&ucis=qgvcz1l8ligr&ifi=1&ifk=1966854323&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&top=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1x0&ga_vid=914902091.1624981410&ga_sid=1624981410&ga_hid=385453926&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

df4838ca8d7337d39c5e73e2306e08ed702c1e52f872c3bbddda102eff7bf8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16544
x-xss-protection: 0
google-lineitem-id: 5585854208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336445008
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0406 6 KB
3 KB 35ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:43:29 GMT
expires: Wed, 29 Jun 2022 15:43:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B2EE 0
0 72ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumPy7cNA1-d6Kf7dqKudiIisPVC-3PoDbBheoV2bLE8X8_uVHOQlB3Yyc4jetR1CsWtqKsl60pwdCBtwyrNL5006QtLfUcJY9-8atiBjTScoDd7vHIDwJbe8SGaIv14T_S2r_-U4iQbwzdt06wtPDLQtkawq6GG4aucAZkY3WxBR7jZgwelIOhZc-4XKIbA_lgdBT3Myzr-GbhxzfuQZoTtZKzCsRnq0fuKHOYoYG3qChNBY0dTkNBktDlvBKbhOEc4BvntnVQTiwjSrOdYjfHc0VefCBZ69_hek8A5KuTk5GyEPySbQ5fHRG0FS2v70mEPa_w1e7AhBt8cVQPP_udS3hJ7QjLFsBNK6KGYHWKpFZNLL6ZHK-TNyLf-dai-bi4Yb1bUayeqp0Ee3ta2v15MP5xElTbnbDakdsazulWWjk&sig=Cg0ArKJSzOLDIdobhIjlEAE&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2EE 125 KB
38 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 2203415605705202069
tpc.googlesyndication.com/simgad/ Frame B2EE 106 KB
107 KB 33ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2203415605705202069?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1e312ec8d20a3ce76ddc7aec8c03504e197a8d8192041da15cd1ec910cf4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 13:05:17 GMT
x-content-type-options: nosniff
age: 527892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108857
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 06:32:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 13:05:17 GMT

POST
H2 200 check Show response
www.thestar.com.my/controller/ 18 B
860 B 378ms
377ms XHR
application/json 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/controller/check

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aec971a8bba3795a9ec4a8a74ad09bab879de251c09ca3bfa20b6cccea4d1135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.thestar.com.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: the_star_session=eyJpdiI6Imozenl6c2hOdHpXVmk0SWxkXC9DU3FBPT0iLCJ2YWx1ZSI6IkZiYWF0N3k1d0NNUTlVeHVuaTNmWWgrSXZ6NEx5VmxaSERmeDBWc3BJVjU0VGQwTVl6aldvZldON0pzdFJ4aW4iLCJtYWMiOiIwYzhlYzUzNjllN2EwNjJlMWQ2Y2IwMmE3YzUyZTg2NDZkOTkyYzA5OGY1OWIxN2ViOTRkNGE0MGNhY2E2NDg5In0%3D; cX_P=kqi7z30oj2ens4gn; outbrain_cid_fetch=true; __gads=ID=871a92bd5d3d7a59:T=1624981409:S=ALNI_MaIi8x-BJMZnYuhE3MnXGMAxlxh2g
content-length: 0
:path: /controller/check
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
set-cookie: the_star_session=eyJpdiI6InZ6ZkJ6WWJiTVwvUzBkVU1nWDBhOCt3PT0iLCJ2YWx1ZSI6ImEyeFwvME80ZUNGQkFuZUxWWVJJZkdDc0FIMGlaM0NDV1hUUWNpWnZlZmg3a3dTa2hOMWRlakZSS25JMkxIRVBNIiwibWFjIjoiMTYyYjc3OGI1OTA4ZDFhZjJiNjNhNjBiNmQ2ZGE0ODEzYmVmM2Q4YTUwYjhmZWE2NWZlN2Y5ZmVhYzNkMWIyZSJ9; expires=Tue, 29-Jun-2021 17:43:29 GMT; Max-Age=7200; path=/; httponly
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: 9lJ7zYiJdplGDVLFSLv4kWDRrYUse4YDQW-WCnSM0iR--JUUwIfVUg==

GET
H2 200 home-red.svg
cdn.thestar.com.my/Themes/img/ 1 KB
956 B 33ms
33ms Image
image/svg+xml 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/home-red.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KZWSU2EI3njfvx4j1TIh_Mn4THsKY6Uo
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 1402
etag: W/"3ec8ad3cbc1fc0de9ce3d5ac429dfb77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:26:28 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pdIUMv3F5VUr9fEthgekjMPcAelnsBYdCR7Z57Hz9_SGk_2s6ry0_Q==

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
44 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e199e8629498e134003d8a6f734f05e942fe588bbac16cd349e507bd2898d6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45185
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:20:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Jun 2021 15:43:29 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 116ms
38ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:32:07 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: UMABgAYoKaFZMZEUlPZ__4AWIpKtuLhQ8h9nxlAIKoaJn39b7HTmdg==

GET
H2 200 vodus-tsol.js Show response
api.vodus.com/cc/scripts/ 2 KB
1 KB 579ms
182ms Script
application/javascript 20.188.98.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vodus.com/cc/scripts/vodus-tsol.js?v=1624981409970
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f813f6293ff17e90ad99a6dad5c33259bfab9a146e6c709c89d88596f779505

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
etag: "1d76cae1b5e604f"
last-modified: Tue, 29 Jun 2021 06:15:07 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 915

GET et_v1.0.1708-0-g52a14ef.js
video.unrulymedia.com/native/ Frame 5EBD 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 5EBD 0
0

GET img
rx-stats3.unrulymedia.com/trackedevent/ Frame 86A9 0
0

GET
H3-29 200 container.html Show response
c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2128 6 KB
3 KB 22ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:43:28 GMT
expires: Wed, 29 Jun 2022 15:43:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106212012000/ Frame 76F1 188 KB
0 34ms
3ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55206
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e7b47afdadb9c9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 76F1 13 KB
0 48ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4815
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c6d4b511682de4a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 76F1 86 KB
0 43ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27658
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "89763648e638c628"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 76F1 4 KB
0 44ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9b373dc53e7b532"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 76F1 40 KB
0 44ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12852
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "432397294f345717"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
DATA 200
OK truncated
/ Frame 76F1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe58b5b5475486c45a2d8cc38cb6f0266455dcec0766e7ed33a19836259182f

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 16685630705847929503
tpc.googlesyndication.com/simgad/ Frame 76F1 64 KB
0 21ms
9ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16685630705847929503

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:00:00 GMT
x-content-type-options: nosniff
age: 603810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78908
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 00:18:50 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:00:00 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F1 2 KB
2 KB 19ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 07:15:41 GMT
x-content-type-options: nosniff
server: cafe
age: 30469
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:15:41 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F1 295 B
319 B 18ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 10:45:56 GMT
x-content-type-options: nosniff
server: cafe
age: 17854
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Jun 2021 10:45:56 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 76F1 0
0 19ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3d0O97whfzpJBAFcsquqM3gN3pk3AQb328goPDXcLs_8GkRPsxWfbTAi1UdhwV0VRY1e8QEIxWssJVwBUVBgcM41DAQ
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 76F1 0
0 48ms
45ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CK42foT_bYNqIE4OM3gOipKOIA73LzKljnov4k-YMprioppAlEAEgpZeCbmCVAqAB5PiL4wPIAQPgAgCoAwHIAwiqBMkCT9D4ZLcn_lnjPYM5K16NbLTwajCLQAb8-FHJLsqHibyJqT6CZ-K9gAbMVmuVUGUNN5kdcWNpzroA6F64qpBDRNFDvCOVZsJ9g-2jPg1qWO64mIw8BOObhAfNdlwNbnDKPer_UrM6uWWl1EQEM-QJNH_07oNT_e34__Z0DmaahIJdtlaWzhQufskY_flkRzIt-ubqr2HLRmBJaOVeww5qOx23oOw2-L_1STJ93VGjb0vGdQS8MQHHxEMOjQzUHsaHvmagEK2Y68GBLetDzmBGLw1hqLTBH_0IoMQ7KksSdu8pAO5JhKVh0Wih_fx8rtbnLwzHPuojviv7ByAPEe61Ytprx4AcSZ4ip9QQhlgbqsfDhilXwikfGvKTRVWBU_IXhtc-wzE2MleSic6T58SNeTYxZnn_Yjejv0fKuGxsmeRAI2ejjirULrzABKKAwIGtA-AEAaAGA4AHiNGppwKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ5M0f0ggJCIDhgBAQARgdgAoDyAsB2BMD0BUBgBcBshcaChgIABIUcHViLTgyOTI3MjgyODE2ODQyMTc&sigh=s-9IQs_L09c
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 app.min.js Show response
api.dmcdn.net/pxl/cpe/ 62 KB
16 KB 34ms
19ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 1a64c6a2497c7c6e1eeb1d1e58ddd9d460d99ef5c45bace3f3fe672402d6ee65

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 9918
x-amz-request-id: D93FFBDD54DD669B
x-amz-id-2: vXtvLBk9blCP8S3uPYgCIidbI8p+ibBc+G/UHR6LMCisIX6bSTEtNA+7gNDClLdp7VYPGPBqPmc=
last-modified: Mon, 11 Jan 2021 08:50:38 GMT
server: DMS/1.0.42
etag: "d8ba3fcac734452ef6120c094cad2b03"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
content-length: 16095
x-llid: 5eb0a8d1d11080dab6aef5aa21d7c15c
expires: Wed, 30 Jun 2021 12:58:12 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 86A9 0
0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/ 4 KB
955 B 42ms
38ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4d194bc24a9585caa944053add27041d47a22913f8891aa843488e9369cdee9

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
etag: 248765760--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=5, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 780

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7E83 39 KB
19 KB 30ms
27ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=invisible&cb=ht7eorxf80av

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d449aa1256961242e1aa75f57dcfead3d380195d153013adc464f2a5dd507a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hN8p/TsDfaV4+T6rroxwdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=invisible&cb=ht7eorxf80av
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Jun 2021 15:43:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-hN8p/TsDfaV4+T6rroxwdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19882
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7021.js Show response
script.crazyegg.com/pages/scripts/0012/ 5 KB
2 KB 45ms
20ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?451383
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12fd38024cfa5af989f3fab1f9e76a71c7d0f1640a5ab39abbb712ac0f07c53

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 89805
cf-polished: origSize=4864
ce-version: 11.1.309
cf-request-id: 0afa09a9a70000dff30e117000000001
timing-allow-origin: *
last-modified: Mon, 28 Jun 2021 14:46:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 66704555dc59dff3-FRA
cf-bgj: minify

GET
H3-29 200 container.html Show response
c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE3F 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061729

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:43:28 GMT
expires: Wed, 29 Jun 2022 15:43:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E158 0
0 72ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF7G3yr5B0WsDQh958ZRHcNN074IU7EZR12Sd6InL2l8I9Sac1k4LanY02pIUvY161cM0h-Dqirzgl7sLQFGwJ88-64AWmmNehMJ4g5FtggmAJ4aldSZF0mSqVDC5zftuhFsfZ1DwPtPAf7eZp1B6j2SceI1jNlMgTZT6hnbUMW-JOESdR650hHUvB_jlS7CUO79xbFJ72uYq2ENQav7nJlQM-ORxSv6BGCyX0zTr3PoKwAuI83pinXpOa6BwXkCO1BYMKHXZ8gvXAgnkfSvmR2-aiFewfjBfrOCxa3UWwMqdDLXQKyLjqi-SKcANdVh2n&sig=Cg0ArKJSzJ4LPHylwDmcEAE&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame E158 85 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 14:34:24 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E158 125 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A58 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B2EE 0
0 125ms
76ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3gOnrV5R5L6C1Q86vVONMWp0NGS0XefQbBYJHLgVpoKCOWvI7MxPfUOOQdOCDO6GaPx8aYbKv3saSbbJTB6Mi72gBSvzQ7K9hpsDf86rRfBpQ0AnsYqk6slPiVwgQWQdtWKajI5WwrKOoTsAHzqbrgFNHJiMzhS0X9O5_etA2Z0QzmTQwMuLfbRB8DSa6n2eZNYGuk3MpYeK9ckL4bHtgkwqTnTlcgcefdWls6m_87TgwuS69qiqlmjAe7-u4giWzchWXQySot-CE3KnSHGulx7EYlXeCpBdOax922W5MsC3HybidGH2LUVk_pUgJVxiJezfUJiAj-xH-s_kjOTBTuF8mrgg5P6vwJw7wAv2lXiI8yUu7jsnnQM6W95DImBgqdJbj-9pZdwnv1SbQOfzTMWIt26FJlWIM6cCv6XU-6wUeCg&sig=Cg0ArKJSzHBTTjUJvPR6EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
DATA 200
OK truncated
/ Frame B2EE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 461e4a74a2871bebd0eb956bb999037f3baf49be57d8d94b7aed0adb8957cd9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 star50-anniv.png
cdn.thestar.com.my/Themes/img/ 6 KB
6 KB 37ms
36ms Image
image/png 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/star50-anniv.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5840335fe3b5ca8af849b3589108742c6bbaaec3b04665e68332bb964ee3a0cc

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UMvIjKFZWptkr42WDJ6cHZ7eB8z6uMRE
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 02:40:29 GMT
server: AmazonS3
age: 1523
etag: "832a8cd3f3f84f1cf741b8ca72dc046b"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 29 Jun 2021 15:26:29 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 5749
x-amz-cf-id: 5UNQeuoAjTrEBKF6v_ox7cB73dxs7xlz6wXwgJjijFyayatKguTEog==

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 120 B
885 B 148ms
38ms XHR
application/json 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22widgetId%22%3A%2254aaff126eb002491eaa07aecde1d51cee28be16%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22%22%7D%7D%2C%22prnd%22%3A%22kqi7wxihmh3otk7etc7b%22%7D

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

4d26cb76fec20d2ecb2249e6e4280b6c441ae2181b44067281cbb9885b34353c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 120
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK jquery.jqplot.min.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 3 KB
1 KB 189ms
188ms Stylesheet
text/css 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2eb3b837a4e3ecb73de5a872cdc5cf0516b47aa991519e92acebe6c178b23316

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 04:28:32 GMT
Date: Tue, 29 Jun 2021 15:43:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2017 08:04:32 GMT
Server: AmazonS3
x-amz-request-id: 1XCY3WDJBB0GP6F6
ETag: "ef129c8b8213aec2b24294b9dadf0a5f"
x-amz-version-id: cWifd0oQ7MIedMAfT87eVJq6aFVX7NfX
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 952
x-amz-id-2: O7aZKh94nkDOEsAHMmpJ+X2vA/MreuJr/Ryj4xxrzyYuZ+0Tlq3IxFfpuvFBVucusxMo2ojlz1w=

GET
H/1.1 200
OK marketsummary.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/ 261 B
758 B 189ms
189ms Stylesheet
text/css 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/marketsummary.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 682dba44c5ce490546c57b50fd2946e1128db030c6500e12fe02f188d39f4ada

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 12 Jan 2015 06:29:41 GMT
Date: Tue, 29 Jun 2021 15:43:31 GMT
Last-Modified: Wed, 09 Aug 2017 08:11:49 GMT
Server: AmazonS3
x-amz-request-id: 1XCXNDQC3D4CVYV2
ETag: "84d888e4f9d0ce8e130822125f07491e"
x-amz-version-id: chpdOUEQZJ.MyaqfUhMXC5GIx3GBEoNS
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 261
x-amz-id-2: vp4RMxFEtT2mbehxmZRzycx1ugOwjTdvQFLKa6J6tbmw5UeJLUkKreYM1Toi3dgTjiOFuflLr98=

GET
H/1.1 200
OK top15gainers.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 3 KB
4 KB 194ms
192ms Script
application/js 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15gainers.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e7192a34a0d789aeeeb933e5a6350790b2fce3ebdab54d876b4e47e6afe075e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:31 GMT
Last-Modified: Tue, 29 Jun 2021 11:12:40 GMT
Server: AmazonS3
x-amz-request-id: 1XCYGGJ6ZZ8F2CHJ
ETag: "4200fa98b60020a663daf74da5e17bd5"
x-amz-version-id: 2uy2bcQt7a5VFjvE9gUUTJJ2IM7YqYUY
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 3507
x-amz-id-2: AANJ730o3PTXLfsiVHBjtBVm8Aaqw5jOIyN+/JvyYq2HWMTG82qxPeaLOMjabm/APzhhAJuYShg=

GET
H/1.1 200
OK top15losers.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 3 KB
4 KB 192ms
190ms Script
application/js 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15losers.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94094f4eb3d7230390289d7185632ccb45684a6afb0c6aaaa3d79a3d246beb94

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:31 GMT
Last-Modified: Tue, 29 Jun 2021 11:12:40 GMT
Server: AmazonS3
x-amz-request-id: 1XCJHSD04F1FW1ET
ETag: "9dc68040833be4702379cd992d07f45d"
x-amz-version-id: Umf9EVPvRQyZxg9casS.90vqhvLhy550
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 3569
x-amz-id-2: /U9PGtvdqVLeR5vpbQJGq05W7gEo3hUeFdbIYQHJbB6FpkjcRWyaiwZcc000pKqlWRQdPXPRIv0=

GET
H/1.1 200
OK ressecdata.js Show response
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/ 5 KB
5 KB 190ms
189ms Script
application/x-javascript 52.219.124.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/ressecdata.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d998e83d193b8718681967d5165c3abf8e0f17a0c79373857b0128c740414bda

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Tue, 28 Oct 2014 08:02:53 GMT
Date: Tue, 29 Jun 2021 15:43:31 GMT
Last-Modified: Wed, 09 Aug 2017 08:11:49 GMT
Server: AmazonS3
x-amz-request-id: 1XCVZKD0JTJ0C5MR
ETag: "e4dbf47e731c34691e0aa212611bb6f4"
Content-Language: application/js
Cache-Control: max-age=604800
Content-Length: 4626
Accept-Ranges: bytes
Content-Type: application/x-javascript
x-amz-version-id: h.vMYdWszAQQe_JyPCkE3IqIYSDmKQvp
x-amz-id-2: ppfoVQ1vBRyo4IEXxOc3I8vWsVu2N18+p0Td/gOtlymfCQnk7zvx1W5+QyAYz8gCAeUYLI/uw/E=

GET
H2 200 top-20-vouchers.json Show response
cdn.thestar.com.my/Components/iPrice/ 2 KB
3 KB 684ms
675ms XHR
text/plain 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/iPrice/top-20-vouchers.json?1624981410318
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3b569c43eb659617b6bae5b913457cc48228b56376ef35fd26355062e5c1508

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: c_U7wmXnt3xzLv.MbFpWTSQe8lzeaP_J
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
etag: "e5a5121ebb2e039cfd45a241ac4a7aba"
x-amz-cf-pop: DUS51-C1
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2301
last-modified: Tue, 29 Jun 2021 11:59:05 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 15:43:31 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: .json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 7-ajuLDlV7zJfOYKq7E-AJZ7mEo-rT4jEBtiTF3pghrgnMc9-7z1Bg==

GET
H2 200 Flyin.json Show response
cdn.thestar.com.my/Components/Flyin/ 718 B
1 KB 674ms
673ms XHR
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/Flyin.json?1624981410346
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56abf8ec6b384ea032bbb7ca43322edf850ec0e51115dae4f1665c9f3d843544

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PzdbjyzQyG0dyaxlHZIYUI51yZfOyGCL
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
etag: "7af51809987c60741353b8f863f39871"
x-amz-cf-pop: DUS51-C1
x-amz-meta-cb-modifiedtime: Mon, 14 Jun 2021 13:14:08 G6T
x-cache: RefreshHit from cloudfront
content-length: 718
last-modified: Mon, 14 Jun 2021 05:13:59 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 15:43:31 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 5mYA3hgGxH8cGjIfjO282O4R67RfyJi4YpKjLPmIky1IwuxPAEOxVg==

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 6A9B 118 KB
35 KB 132ms
43ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1624981410.cds057.am5.hn,1624981410.cds264.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 23DF 118 KB
35 KB 152ms
66ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1624981410.cds057.am5.hn,1624981410.cds264.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 2B01
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

145ms
35ms

Document
image/gif

18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method: GET
:authority: a.vidoomy.com
:scheme: https
:path: /api/rtbserver/cookie?i=CEN&uid=no-consent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-type: image/gif
content-length: 43
content-encoding: none
set-cookie: vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYyNzU3MzQxMH19fQ==; Path=/; Domain=vidoomy.com; Expires=Wed, 29 Jun 2022 15:43:30 GMT; Secure; SameSite=None
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Tue, 29 Jun 2021 15:43:29 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=476308235.83603131177562975.36087918
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=476308235.83603131177562975.36087918
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=1b291214-0be9-51b4-9fce-095cff1536fe&ssp=vidoomy&expires=30&user_group=1
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=09b250ed-1718-4876-92a0-020303b8c946

43 B
367 B

39ms
38ms

Image
image/gif

18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=09b250ed-1718-4876-92a0-020303b8c946
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=09b250ed-1718-4876-92a0-020303b8c946
date: Tue, 29 Jun 2021 15:43:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8811297722
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8811297722
https://sync.1rx.io/usersync/tradedesk/3d137147-bd65-4734-b063-310c2e2c08d0
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-5152b47f-a94f-4cc6-bed7-e26...
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003

43 B
457 B

39ms
39ms

Image
image/gif

18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
date: Tue, 29 Jun 2021 15:43:31 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5152b47fa94f4cc6bed7e26cdfff03a0003
content-type: text/html

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
597 B 110ms
43ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:30 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1624981410321085-360
Expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 32ms
31ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1623321658.961125"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Thu, 29 Jul 2021 15:43:30 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 32ms
32ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 29 Jul 2021 15:43:30 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 445ms
114ms Fetch
text/plain 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c352f5f5623a569fd27e8815b68286b1_10247_1624981409892&tm=1196&eT=0&widgetWidth=820&widgetHeight=550&widgetX=180&widgetY=2437&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
X-TraceId: 1d9b7f350d6a261c2409f732a5f791b4
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 5614 16 KB
6 KB 35ms
33ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f968e74a7825219f3fb0e3717e8aa0854ded3e3603fe44658a7037a587935a9

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Response headers

accept-ranges: bytes
content-type: text/html
etag: "bba7ea61dbaa460c8b9c3272f76e75ff:1624436858.729748"
last-modified: Wed, 23 Jun 2021 08:27:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Wed, 30 Jun 2021 15:43:30 GMT
date: Tue, 29 Jun 2021 15:43:30 GMT
content-length: 5505
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624981410~rv=33~id=b267d8ab84a62053354ae675cfc9dd52; path=/; Expires=Tue, 29 Jun 2021 15:43:30 GMT; Secure; SameSite=None

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ 43 B
468 B 146ms
37ms Image
image/gif 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kqi7wxihmh3otk7etc7b&sid=1145278932220698298&loc=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&new=0&arf=0&ltm=1624981407962&ref=&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kqi7z4ve16hymatf&ckp=kqi7z30oj2ens4gn&glb=&wsz=1600x1200&amo=1624953219&cp_usergroup=anonymous&cp_ver=2.42&cp_testGroup=97&cp_loadDelay=2.7
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:30 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 eyJpdSI6Ijc0Y2YwYzQxNjNiNzM3NGEyNDRlYjE1NjE1ZjNlYTVlYmFiMTM3MDY0YThhZGQyZWVhMmI1OWM1M2Y4MDdjZWYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 102ms
33ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc0Y2YwYzQxNjNiNzM3NGEyNDRlYjE1NjE1ZjNlYTVlYmFiMTM3MDY0YThhZGQyZWVhMmI1OWM1M2Y4MDdjZWYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7d6b27219061f4cc227a8d4c6057b336acd9810ff56b47a72340fc8f939a0fa

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=595933
last-modified: Mon, 07 Jun 2021 23:44:12 GMT
x-traceid: bd9f6cc4deb0a78dd05a975a1c67a7a7
timing-allow-origin: *
content-length: 17348
content-type: image/webp

GET
H2 200 eyJpdSI6ImU1ZTMyMjI2MTNkNTdkM2EyYTVhZjg4NzlkNTg3MWEwM2M1OThiNTlmNWJhZTUxMmE3MDA4ZGFiMjMxMGE4ZmQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 51 KB
52 KB 93ms
47ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1ZTMyMjI2MTNkNTdkM2EyYTVhZjg4NzlkNTg3MWEwM2M1OThiNTlmNWJhZTUxMmE3MDA4ZGFiMjMxMGE4ZmQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f52c0ffa7f39390b8780a89ccab2938578f25d665229405c09e4ed4df692398

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=2437029
last-modified: Mon, 28 Jun 2021 23:30:13 GMT
x-traceid: 6bf095a56a4d65dbbd0e3be5647b2a20
timing-allow-origin: *
content-length: 52548
content-type: image/webp

GET
H2 200 eyJpdSI6ImUxNWU5NTcyNTFjYWUyMjNhYTZjM2ViYWVkOTA5M2RmNzFmN2QwOTkzNTA1MWExM2VlMzk4NDkxMDhjMjkyZmQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 122ms
76ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUxNWU5NTcyNTFjYWUyMjNhYTZjM2ViYWVkOTA5M2RmNzFmN2QwOTkzNTA1MWExM2VlMzk4NDkxMDhjMjkyZmQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af2e75a0a1da8c34f1aaa7cbbff380f1064765300663dda3fcff82c6fcb44be2

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=1048714
last-modified: Thu, 04 Feb 2021 10:32:17 GMT
x-traceid: 31ee301d7f3f82830e05afd19903b8d
timing-allow-origin: *
content-length: 18712
content-type: image/webp

GET
H2 200 eyJpdSI6IjMyZThhOTYwNmNiNDg4OWVkZjA0YjcxYTFkZDk2ZTYzMWZlYWZlM2Y2NGYxNjg1YjNkNmJlM2UyOGQ5ZmYxMzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTExNjk5NTI1OSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 40 KB
41 KB 105ms
64ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjMyZThhOTYwNmNiNDg4OWVkZjA0YjcxYTFkZDk2ZTYzMWZlYWZlM2Y2NGYxNjg1YjNkNmJlM2UyOGQ5ZmYxMzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTExNjk5NTI1OSwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a26814bc35babf109f52be0e4d183569316287fe68ed6a84766d348663c06c7e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=546077
last-modified: Tue, 25 May 2021 09:57:58 GMT
x-traceid: f2710e26eee30b87b4c8f56b61f384f5
timing-allow-origin: *
content-length: 41470
content-type: image/webp

GET
H2 200 eyJpdSI6IjEzMDdmM2YyY2E2NTUwMTI5MjViMjMyMDJmMzcyZGJiNTQ2YTcxYWM2ZjA1MzQxOTA4YWQyMDU1YThjNTQxZjUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 107ms
77ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEzMDdmM2YyY2E2NTUwMTI5MjViMjMyMDJmMzcyZGJiNTQ2YTcxYWM2ZjA1MzQxOTA4YWQyMDU1YThjNTQxZjUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47f013620668132188b1aaff8da4e3833a6d0e7b8bd24b49eb468d080c0e137a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=1152180
last-modified: Fri, 11 Jun 2021 12:39:18 GMT
x-traceid: dc27f32c3ed493bee3599d5d01fbd180
timing-allow-origin: *
content-length: 15212
content-type: image/webp

GET
H2 200 eyJpdSI6Ijc4MGFmMDUzMmI5ZjExYjgxNjEyZGI3ZTkxYzE4MGE3NmFlODlmY2I0ODZjNzhkZDhlMGFkNWM3OTE0MzYwNzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 96ms
77ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc4MGFmMDUzMmI5ZjExYjgxNjEyZGI3ZTkxYzE4MGE3NmFlODlmY2I0ODZjNzhkZDhlMGFkNWM3OTE0MzYwNzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1346cf303240fb8e6afa8dfcbbbae7e7248406a6134445fee37f3bcb99397daa

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=1081833
last-modified: Mon, 12 Apr 2021 18:06:42 GMT
x-traceid: a226930e071770321f52cb6826925c95
timing-allow-origin: *
content-length: 9878
content-type: image/webp

GET
H2 200 eyJpdSI6ImE3YjU3ZTMzODkxMTAzYzNkYzcxNzQ3NGEwNzkxOTU2ZWY4NTQzZGFjYjcwZjIzMDMwYjdiMDQwMWU0ZTE4N2UiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 57 KB
57 KB 70ms
69ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE3YjU3ZTMzODkxMTAzYzNkYzcxNzQ3NGEwNzkxOTU2ZWY4NTQzZGFjYjcwZjIzMDMwYjdiMDQwMWU0ZTE4N2UiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ebbbe73b7742a977cf4c6a2ee5e0b390dd0d9f70cce685654c7782990192dc

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=2079667
last-modified: Thu, 24 Jun 2021 23:58:54 GMT
x-traceid: b0258385b3e1e2db918a677824df5a05
timing-allow-origin: *
content-length: 58242
content-type: image/webp

GET
H2 200 eyJpdSI6ImU5NjIyNzlkOWEyM2NmMjM1OTU3NTk0MDI2ZWRmN2E1YjNhNTQ2OGJjMGU4M2YyYWY3ZWQ3MWVmM2Y4ZTQ2ZTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
30 KB 70ms
69ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU5NjIyNzlkOWEyM2NmMjM1OTU3NTk0MDI2ZWRmN2E1YjNhNTQ2OGJjMGU4M2YyYWY3ZWQ3MWVmM2Y4ZTQ2ZTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abad740dab8a9e73bc12b8f35c8cf51ab4395de64a0b0b50516522ffe5504e3e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
cache-control: max-age=2170547
last-modified: Sat, 26 Jun 2021 00:17:13 GMT
x-traceid: edd2ebeb3bdd6b195030ba068da592d0
timing-allow-origin: *
content-length: 30034
content-type: image/webp

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E58E 0
0 78ms
77ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYl95D6PPl8jwQBPATOaWjkBzgzzUuZMqe1h0J-Yicm-1MqfVQ204_u5iEss41OU7J6Lh6wDq0uH9oE1Z0_LPKQgimRjXLOaKDFr7TZo0kjJ8Seyc93463th1O69AhoLtFJgjDJCCaXpsscI4sZ-zxAyMMJRqkm41se5WGviZhSqa_-1DvlrqKOD8UGOLCBSlozbJ1mvkw_xEcKPIcGl8EvNHRZ1kzvPqm688qaQ6YWV5H76N_F53gpM1mP1NAWLpCWQO6dZfjOlXuAjLAh27_EREVDQqse7vPFjdkNdNMBrlW1zKU7-Q1nRzNTV7D9NKVdtnjSRxxZYDkdxhOP8I9-G38zXYxTTlfFuq0g-C0i246Ry60kr0TPnMg2XbgrnxlcBaBv1ojtfXissDGUTulGtV2tJAuVG37s9ALWQY3cq8&sig=Cg0ArKJSzJsoQBUobXCaEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3A...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3...

64 B
329 B

54ms
45ms

Image
image/gif

65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&c9=
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: jV5mf1jovaVhLNgNOI7SnVVtMKg3pWSyfmGm352CuO3OVp6txDsZzQ==

Redirect headers

date: Tue, 29 Jun 2021 15:43:30 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1624981410501&ns_c=UTF-8&cv=3.5&c8=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&c9=
content-length: 342
x-amz-cf-id: hAXClQzHNDGvOa1_wBxR9s1AEHrNqU1fcTIn4y12516WMHpno_DLXg==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E158 0
0 79ms
79ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhdcvBHbNL055TiVWUkgpcPEaslf7mywTu-MTff48iBRzQfniViq5Qh_1hWcu4skMB-H67b7DPpAhgksdbAE4xImUbrlHZ5jyw8ckD9xqnC0Ml2xf6dp90m18fREc0YuBlx8c0-lHyQfPlQuOeawgm7gRaKUmCUrEjMW4WBrlJWnUasZNTCQu4IqJZuadH4tom_7V8FZxQQcw1T92k9uukyuTkzK9TSaJt0TofGOUt20sSgbtYAMPiyw_X669sMfpZqiECBkXLdiRQslKPZAXd3SRtA1eOgvzp3pX7dgIKN5uuM4ho8erCCXBHWV_NMe-kwOE&sig=Cg0ArKJSzL5wofksUbeJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 29 Jun 2021 15:43:30 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
296 B 125ms
39ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Puteaux, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.0.4 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Jun 2021 15:43:30 GMT
Server: edward-ed/2.0.4
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding
Content-Length: 15

GET
H/1.1 200
OK 5f64733dfc2346192550c7a5 Show response
api.pxl.dailymotion.com/players/ 917 B
1 KB 134ms
40ms XHR
application/json 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pxl.dailymotion.com/players/5f64733dfc2346192550c7a5?fields=config

Requested by

Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Puteaux, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

nginx/1.15.6 /

Resource Hash

d5a8345dde00a9eb9f22b649e16d08acf5bd4049693c71e8e2b491b9f1fbbf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:30 GMT
Content-Encoding: gzip
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Length: 411
X-Dm-Lb-Name: icscale-01-01
Expires: Tue, 29 Jun 2021 15:45:32 GMT
Last-Modified: Thu, 22 Oct 2020 04:32:42 GMT
Server: nginx/1.15.6
Access-Control-Max-Age: 0
Access-Control-Allow-Methods: HEAD, PATCH, OPTIONS, GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thestar.com.my
Access-Control-Expose-Headers
Cache-Control: max-age=600,must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache: HIT

GET
H2 200 PoweredbySMG.png
cdn.thestar.com.my/Themes/img/ 969 B
1 KB 33ms
33ms Image
image/png 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/PoweredbySMG.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6D_linq7xzrHnQ6OvqY3z5jUwx0KJN0e
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: "3c0f549d7db345b0b035ec2d7fa24807"
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 1527
x-amz-meta-cb-modifiedtime: Fri, 24 Jan 2020 03:30:24 GMT
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Tue, 29 Jun 2021 15:19:37 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 969
x-amz-cf-id: da5THFixJWlaOi7QLlYZ79B1milvWIb9qQ-ui8Yo_VJe2Q0pNqwjaA==

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 38ms
38ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 29 Jun 2021 15:43:30 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 bootstrap.min.css
cdn.thestar.com.my/Themes/css/ Frame 808B 119 KB
20 KB 37ms
36ms Stylesheet
text/css 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding: gzip
etag: W/"67d856a36edacea9564bd92310f7d792"
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 3303
x-amz-meta-cb-modifiedtime: Thu, 12 Oct 2017 02:23:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 29 Jun 2021 14:49:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Dxd45ZwKPuW4aenZDH0A8H8wXqYQ60UIN4s8Gs-9l6i5BjZLypWpGQ==

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
46 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb5262466d7da1e6d44207db7632b88fd6944e55fcf9608adb324841afd7e7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47546
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 705
date: Tue, 29 Jun 2021 15:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 29 Jun 2021 17:31:45 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24675
x-xss-protection: 0
pragma: public
x-fb-debug: reRn528lhkSWn1Sj/FCrmMEJmp2GTh/JBA+WejVWITYKYEsgDtYNQLRGvYRglA8GHMarj6LLYgS2tJBieiYKKA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 29 Jun 2021 15:43:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
52a360d4000447a08efd7617080680a9.js.ubembed.com/ 2 KB
2 KB 101ms
30ms Script
application/json 151.101.13.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c325eb95de1a888c80ed777d5561f342f39e7e0ed59dfae0ce41578c06d03a1

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 2096
etag: 3d5e9bc6ac90efee4e88cc3d1c179593-v0.179.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: none
x-amz-apigw-id: BsWZ7FKZDoEFaYA=

GET
H2 200 iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc Show response
j93557g.com/v2/0/ 103 KB
30 KB 134ms
52ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6d41bf7409cbf84460fd3c023302f87ffb49af565e9d9918fa868a155d5660a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "36c2bcfb57c262db2b8d7e0a23ca8a2ad8751d7ccdd648c776005c7bb4f2f758"
vary: Accept-Encoding, Accept-Language
x-hostname: f8becdc5
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 29 Jun 2021 15:43:30 GMT
timing-allow-origin: *

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=c10d788a-d8f0-11eb-b103-1a4ab9540206

0
588 B

40ms
40ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=c10d788a-d8f0-11eb-b103-1a4ab9540206
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Tue, 29 Jun 2021 15:43:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Tue, 29 Jun 2021 15:43:30 GMT
Server: nginx
Location: /partner?source=217759&sync_limit=7&__user_check__=1&sync_id=c10d788a-d8f0-11eb-b103-1a4ab9540206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
255 B 119ms
108ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d,002ad79d5e17fa1cd48be0f2c87f711f6d&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&optOut=false&bust=011707203613037875
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:30 GMT
Cache-Control: no-cache
X-TraceId: 65f20aa7c7f03123d609c5aa28f1468
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 7021.json Show response
script.crazyegg.com/pages/data-scripts/0012/ 9 KB
1 KB 43ms
14ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/7021.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?451383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f955017a744484b1ed600f7701e26335b7401b4cd6f380a75194ff8da6b94d5b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 89806
ce-version: 11.1.309
content-length: 1076
cf-request-id: 0afa09ab5800004dd6f52f0000000001
timing-allow-origin: *
last-modified: Mon, 28 Jun 2021 14:46:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 667045588da54dd6-FRA

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9A54 624 B
297 B 22ms
17ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEdqvo0YjPeUEYQ3XLV5CrSbegeXLzaSRCdw0gXrzyQkTlbitytp_GJHpn7jE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 29 Jun 2021 15:43:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2128 62 KB
25 KB 61ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRoIMUwIsJQpLrrYXNBcIIXQ-Nqr5EkTvc5kv2SDtM-NPSaU33DWvfA6obY6zqoxOcb3sLIu6m8MH3lxfCxyEUunotc-F7dal42_Rqulzm0uO7Nc7rdf5iFYO7ViuHnqwh-EOSZOB15wqP2WDvVygpeHh35Q&dbm_d=AKAmf-BOxpgAQtsKiCw7um_nUcmMs_9jkye2JbJNHkkLG3P1C4lP0g12HLLn1eEPey_xLou2egvs7-5GqF7B5ses4iDTAWbXe9Xh8HdFjbIyj18bkMbGS-l-5faynoPfYT22ruRY7xyiupLtn6AVHL8mFSW3SQB7McOhDVJ_k5aldQnUPj9SIWP_2sb5dAxAOmRsWW7wjNxBkwpNFGNMbTLy1av1ajedQEperIAwoXnVUl892najprEP_yVZyrYPxTvAwktn_7YmaIjWcYdlfcJS4p68JcYSh2xJ7Rovqn-oH-hC5fy8q_VXe-91-X06ihnSOa3yOS3QHBNCWcm72tcXkunDwzJWHBXPiIG7q_G6cbLRhyeDzjgslTOOW0TyTae5KVesoOi1lbfdqxbROT31nGfPh4AYUUOvB6HSguNruAzfdOYECcKoWa2WuavUGE0UnrUAoaiQikUsOei5zqkvNAIyJu9XyrZNh8cPDi9rRhpOyfnB4q71r1SMMjSw_knL9be6sru_I439ctRQ96t1_AY1exeojzwhBW66obFYSsXdcrLb6tYJ9SVvDl7nH2uT1Gx4QCNYg4hjF-3pXlNQctBEer0s9m6-XJnl-rrd4OOhmvN5lbheJ0vmPv3wj0yaMZFHONK_MQLexfa8bTmsAOyBiBGl3lF8ZmztrDyPRCFv6rsn5uSGF2aPJCjVeWIWcPkKgplr9Q88smz48BP-z25nY-MUPpK0wxaK7rRp7zovsBKAsVJyeu7cqX8t9JFos1xKqGa1mZS2E0Pav0V2RgUf_auJPMrFnMGqRO-bH1_KoyTZMecVn5ocEOInR6b_nLA7HH02iybFpMRcEheJEEfU6o29mgnNak_TdiEBmMoSOLy8zebBTnIO_h9wCFZMEdUcT6JhcJNYqmeE86Y2EMpPSYOqqmAJO6-QFqvdVpNuY-1c0abyG0SN7TuFKA250sBWArBixXJ-kb3cqZFEpa5wN1gPSiQCpjpBRdhr2EqUjYJM4bRULeGFUZoiTWFbWMqKN7gzBitCKv2WQ2M5ttlhT55iUqXR04r8q2Yd7N0WgX6zNf_kSj1WinmldVOfEhg3bQU3zZZseQnkp2SusAVchnZy8mZPbXqMyqe0JKXFBXHOK5cD8yJIFNMvSc3BqtaTqvcsYFJXVT-4_rFnlCmKjbMI_6mKS4foUeKp70H9Ekr25lBiCngzUHltFT0e3W3wHul-T6-0zOcZbxp6OKBr8eNqjm296qJLDVoXgZRAySr5dfB7KSu8yE_egv291uiVlaaNFxAUcSd1rVQbBodQHQedW_H6r7KF9gQPXyOLxewdPpt13nHbIvi6nEsHuyOUu4paxfR-jKh72NrAPhiDuZhUCMwtJiZAj33wdlxDv3avuJZiTiFtwa5cEfk63AgU4cdcPAcbGRfH0Ducm8cuB18QGbbDUjhCzXdICB-1EurcDDdG_ZZV5Pag6CzDc7tVw4uk1UlyyK0RWMKrolyxedb_K1pE3FKveG2Hat8-dvnN7kmpG3UvSNqkWl-671vrXD7XVUu9_iS7FvNWcOyxvoOxFaBx5RYEb_Tz3_nayeUw_uiXw2_ZNCkRL6qI1sxUmguf-DaIyw7d0sPraSic2VwyBy_dh2_O-Zd2hBSHRwZHp4-9NbRNTPDAAvyXCreXV53PnfHZs-nPKGQIMk7NQ4Qzw52p5xaD3tWNYiw9mIWRc9lhrDS4JBiXEQkGfBT6Fx8A5MZhAb2QXz5wT530n4H73ZG9TR7UxuP9qotTWFc4VbdpFW0FW6FpsSbb8_SC7wJ59l2kzaD3btKhfXl_ztVRSkg87mSbQnp5HeDBof5tEIsMW63hQfse6fOSrx1UBjohkv1_iFYpTChz0Uj5u_Bbzug-bgwhWO7emVeDGPIUVyPdZOqZ1wCNFQFoAzFiqL78_Q2L7T5j-yFDv7rNA7HkP4PNzbFrLuZwmA7BgmArn2_vdmeKvlqhvrscClvbC6GsSBQ2ShHekX2gJJEmvgCYlP7kEEpxab1FQJFr5DiG_lFdNB0AT2FBZAKZHvvKVdE4u4qNMkyBiOs3vvtBDKIcCRGj1Yr-UCLGXUedAc7wXiSx5t5tJPj0a7vHOjQ-b9NOVeUEjTlt0f2T7pZiwJ2uyh-8qDQmIxY0hZJqYMQL6Q9sO4R87lHsSJLwEn3Vx-i2Mxz4lRIcg_o_FoVhl-zOakAzrssYCWVcOfSV6tiCWWeo6Q6OT4rP3MZKT5n0BC4-1qeKg6d7aqdJKVowOzjQlpNqXKI_1XemW85wBcKqy_5X1SU-uXAcsiOtTxvrOxD7WRZ18f9qT7cOIrz-oNHKafMISx6Hyudhi6GRJB7oJe8CAVMimuO4EnHmvmZqEvdAXguxGS0BrCIW8HXwIpOr6BpYPQb_iNsWcIfrdgNn_isCrOfpm6T-Zq_e5OfHEQlbk1jAp6Rc1HLpYALCmoV-3hZoWIvK0A54AtQFIlXMAwIwmY5RhDnAHbkdOzA3s_E5fwG8A_7l3Ms4of_9EnAn3yDjhGRwsynBt9Fv7HVyCxA2hoor80NfhyThxnuBBmF2gOrBbso1VOBKm88PQwi5ZaAb3FL817aoWkweLgKlV0-mOYR1FNGydmHUl1snPaGRt4EKr2uzIzyrWsJtUqoTh_9gQQU4ISpuj7GMTFqYLZMFLtYOqKEsbQ7cst6Iai-N5uWWgQfnzpkD6O2AWakwo3DiPF7xqgQ1pO4E4hUYI1AUdgN06_hhoFuQ_FBE6lIQCvT5KO1xBatjS7ZW5GWlGeJVjVpH0qJy_1NobYq4u_Bbjqs2PLIeF7zPmFkDTuE5tFqbIPN_3uCBMT4LISmn9avPUl51mDnUd7fVQpVXriUY-qOEVYhzGwADdRnJnnf5rAlBHwRtnxuUJVq6H5MWtaoR5cAYwSLFInOk0j0F4FYwlc9fbWgv0phEkAhMNyK4khGa-_rMcUUSAu4oaiC0_sKbUZ9AMpKdhlsC1CmnqoI67hxGPACnI_3T9rPCQcHClkI0ORhETrVBUXKheQIyP-s_XMdDD81regd3D5coWStOOZdISnlBgFPpx8J2fSTpjS3ieOgxcA3Km916exh6-g&cid=CAASEuRoyEpbIs3bnk1O7bLewq-chw&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16e585fd42cae6c7e124669fca51d219f260e159af62bfadc79d08fe4c2dd607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25475
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2128 42 B
63 B 73ms
68ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxz8hUqf3kx21SwH8stAea34B_Qam25hCrBRr7smooP_D01GnVH14qJ6jVsK2CCW0OoW4OuslYgbTyqj0nB4rKbIfXNsYGJFEUS4HA9YfJZpiEKKE

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 2128 3 KB
1 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:38:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2128 125 KB
38 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 2128 14 KB
6 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:38:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A58 0
0 76ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswstufv25vUJo5C97dTRFTDn6UuuBgTmEfyG40k-We6wbtvM1kcG21EnA4SE_GRSzhF_N41VmGKOhrUbNEalR6pxFI1hYKl_KawJDJOugefJx40FsQcYH0KmFKkDJYqbiEmulbQPLCRnxHNulY6vEMWLOQASiM1YAJGzuw4TaMCfqbBMv043OjnAkbrb0lKw4uJyLO1wt89cnUt0pST1-eS_hQu-y8jzYCfQqqj4RbODwlvZOEDDxvylWquDSj4B3Vtx5PeQMGWo2Q9bKgPBjUhmleb79P-ZQsUICkgweYU0vq82n5zPLbG1tiLcz9EKAoRVxtHciNyRSZityP9ogfL0N3UDPFeSPVzHpQfLP2MnlZOA&sig=Cg0ArKJSzNuQYG7drNvDEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9A58 10 KB
8 KB 55ms
54ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c423395ba31f2472871390e06186792ad444535fc1c3b6ed349bd38a732d83ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7887
x-xss-protection: 0

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B2C 640 B
316 B 21ms
18ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEdqvo0YjPeUEYQ3XLV5CrSbegeXLzaSRCdw0gXrzyQkTlbitytp_GJHpn7jE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 29 Jun 2021 15:43:30 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DE3F 62 KB
24 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-_OGbsUDhfnpzU-ooM4G9biAI6SPqWano5UuT1qRL8CWhlZnDGMXIwVz6JYdw1M6Xn4VnXbp5MO2z0dlqUfaw6giVLEgD4uF_JCOhbsyftRW1lpu8kpKypbcwfZwr2trL5ODgU2fwd3vT6Pcj7LbYO5TmZQ&dbm_d=AKAmf-DL7nbD1yKXyFsjshQK9fqmN39iHcAYIvFNU4p2rVEoaunuSbh5IF2S4C7GfhclqPZZALm_H0963Z6CXI8P9TO8eG6rXduZvHKA1u15ZVv9-MN0pPKnV1VvNnIw4CJDRapazxVAxBm44Pt0uNLdXDa7_zEqA4PFP_7cb4rjUsSGei3nQ-b8nPyuG3EzBKRncW-Os8Gi5Do_stAWO0abiRac4HwGPSTv6beimSZhG5XpwFN0aDOt7wru0XwnYOJI7Vpwz_IkaEH4HEDjobVFROqyp2T-wkJXkathBwYZzoBivJhEP4rkcjOUHMTtZbZVE7AodcuKT65eGRSHZhiD8tuyUUlNih6o9capOlzNxRefZktU5PJFqS7UYOC7p32J2KwzNWVn9qqSEBSOv9FtCkwKg2ionPhihjFVCeiWKH7McpCeZnrVLc7r0XA5b2gNnOm7xyL842hNFR0LnmqAm_C2T3U3j81Gq3C4Ugp8G8VSpbz_vlkmbEd_D_bnKbAVdtT5rzDkapB9e0htY4hkh15OZs9ajdOz847jcJ6FXMRbjLFuaP1AHMr8eoOAsTnPlcDkLLokLGVYamIWSr0K6FJYCMGkGOgl6z4_HJZGu0H3VuOzTY1Hh7XpIMFKKebx8JyQsW5r4jB8dRVgMOvyq2M7WyYaSSzA9Io7N9-Lhj1qce_whhml5b9cVkBVsNUuudTi-_Rd979YIZy9fSy9cRutsCup2CHo6ihzMbgt889h5eefZqeXJ5ndM85Hw51C53no5-hzfpoorkoKqCyZM7mt7FSCO6F81Zb1eVaMpB72yA3Vs3T53YrgkXr331wyBPilU_HRfemAWMrftaYFPQYJCn8Bdh-BCO4lOLSO25C0LmETGFtK9mJlq3Im8W9p_AwnCFcImx8lH_3_azH2nmRw14YEe_ldximYvMTddvzYuZ2txeeO7X6_iDCjimQ7jfecwQcvCroaUFOA5U6vjXVkJfL0DRxjbVRrB9CBYfZupvPyPhaOekswElS4xNz5UXm3feWwo1icyzdcAzO5U-t76c1ZhPEo0ilU75LEHRUP_cAiCYrJX-puIeAeR3otESYF65sZ-_S-a0x1CF6lE4C9LgcwLjh5JciJGk20eJ3D8qgfQr-nbwfpZealrtxolQRdYEN2OcU59wVCODXC29116kMipPdNG_OjgPdL__fcPl2jOehNk6KQyCx4-fh_bBIcU6di8ItC-EBdlVqIgyfWuW1_5ilvORKrffUCV9_omHZC9aW1fZak2GLm1UNhnPO86J0vGPhk-VmNCo_DRxtodl_bhs0Hb52BpbN-GS1V7C79MTSdatNA_sL1AR1XKyvdtlFxXSwliaUaUVEGoAazmS4hy7zyGv6h2-6uoQdkP4QFw8fZUy3sHVxWM3m11H1te-6Oi00EINEb5PoMDa3ObyCHONkvcw4bZm_2_2vh0hQY2G5iKoRHCTrCboA1NCndolQJvYIfsdeavAMwGA6yAkQk4dqhe1uS47jBruMJ9QsO59jODRyJwUwCjJZrIIuucyHuNkz2YqEqiLnZaCNbGHK7kIVpB1jtVSmJ7Rpr6ujvXwJHJWBaAXRjhWqQ_rTKcAxgxhDMAA120wqczbQ7kW45E91DRx7M9ntOzzIa0kSPxAgNQDTBOE_Vz_cdEL-OD7BehvARCWEHuCKj8QSrzokAAz4qFhDBf9LOWwJXAycT1DooPsvoJcr7gNDCEVgmHHApkP9xLgSKYhdPCDMjq0VL46emA8oElDHaWuWuhDjj2Dnn4XmgXcpW27WIsR3671ixxvcX0_xN4ppxUSGWDFo0-nZD6JNOof5pFM6kQzFuITdgBhVczy_g8AOoON3KteEaZiRMOhvjBBPDO9DgfbnryctJQgfqeQoBFEo8CDMD4OQ3WzXUMneqCNdWImmMmPZ20wtqqHaLwHf60ECDzSArtEwE_5MX7gQ2jaWElCbHci9ZxerYG2zlalz_tpHt9eTJEzR5CRrD8JPReqBV6mhRY8an_I8ItWb8CG57IGcNaLYNKRQxGT2kH9Oo6WNNYgaSRa-RguSsaHkb10IpVWsDN5JPoBcLLbGVaLvMIIL3x919kzennjA1WsYcI-902cZUDRoyzjnloBKtVlAdoJ1OAUo3y1zS1nwYv2O52BE8yD5W3pQO1QNMbAN73k_cGJi7_N8zdJAXiKVHz_WuJeF9W26zGwIGrh5hR6l5uDenevzIlIRCwOuEEDubdGW8cc-BNYNgn-vRhrn9rPSv_vTCERVYPMe7pIgAfkNuQGUebET0cSyvrRqnduT6AQA9UEo8TkALlilQ4529CG2VMa4XTdTT2ia-j33Fdim6PEn1NiNgcJB_NgSO6sZe7FS7tyl3pX8EhPXl2s93WSaizYPCoC4tpSf4jpMfgLbYSBibpCfhyHZwahsbk6ycggJY8vJYNu19Yys0t3Y7RSOw_BRISGydobccf_qsgpmQWgUWTq3jArbOiW-d9JNILzAgaSEaF496xv51P_I6k8qegsAeFmvJuNvge7CevrrCMPMTsvEyGQ_ok-5gjruPJ28zbfgq0xhSZo-R4ctHvOaRiY9qYW6uIzy1UYBt3G02fF3vuVcROHCEDPqoOdoYfwjQ1mo_0Jyn_s62e4-S87QWE_uL-QT9MqavO2aZtpyVbQe7MDta_ErFuqFjJkZcW1tXq4jj0I-9E4ZsDKhu9GQr7t8t9ELQlcv9GyU0p0uGW-ofcal0-J6CSnk0zsb_Oap5rv2C5U6f1SVPmwil3Zc2M7CjWwCr-5N1zC4EYjYb1zQroIOln5IdBxmxgs5Q7Wx05rGtwfdf5KfjXiRx_zPV98NXQju9HzDac4zQJjKFIvyE9p_PVy89_RG8vp5w7RzUrIZ_v98ZXOxfZ8CdlL3DeLCmKzN_Q5qmo0qMf1NFg62j_3WpI5x1ZQzA5wHmBiwdRKKBry_93Oj9-NnjCg_G7rE1A7egC6n1qpak4Lm9lsxTUe__xpPNT0iqYnybUXMAURS0CXaNu0a_8zNKtfa5boOD5GgN6i1fvHLwkygSCo9A0bo8HViU6TXtHiUapueO33B2TInCvFk2ENyqCjiHUXGJp16CrA9ndwmvmaT7cc7r2Qc&cid=CAASEuRodgAcSlCyHFnWEep2U0lYNA&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8698b6b4de3848476f117813e1dad4d149dc99230a73a14f6aa05bc8e03f2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24977
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE3F 42 B
63 B 70ms
67ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1WR3ubSZcCRcqnXcGP-QQsQA5p_4ygsywJ06ZyyoGgZKPwZYmac7gkQdM4dDneRW2j905FyWlAAYens8Orj1Uv302dQUEWqf-wJuo8oXe53psQj4

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame DE3F 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:38:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE3F 125 KB
38 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame DE3F 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:38:30 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 7E83 52 KB
25 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=invisible&cb=ht7eorxf80av

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:16:22 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 7E83 341 KB
132 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135608
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:13:03 GMT

GET
H2 200 11.1.309.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 17ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.309.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?451383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80f3bd222e336de545423e9fc389416507f3b7f75741b99e8365849e912794b

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 89824
cf-ray: 66704558da6fdff3-FRA
content-length: 21430
cf-request-id: 0afa09ab890000dff3ed9ca000000001
last-modified: Wed, 16 Jun 2021 16:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 24B7 4 KB
2 KB 41ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981410.cds057.am5.hn,1624981410.cds257.am5.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 23DF 180 B
357 B 729ms
118ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108035&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=50572585&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 6E39 4 KB
2 KB 41ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981410.cds057.am5.hn,1624981410.cds257.am5.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 768ms
162ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56691633&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 901d67e6603005bebb99067e9eda6ccc728ac452a3f3a895c9931690e03b569c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1370

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 5614 1 KB
2 KB 37ms
37ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:32:07 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: rkySCax4J9ZNvPFFKvTLQ5ntC4GZenx5hsWtUJ9QCWV0gFtWa-EFTw==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 94 KB
36 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P83PVZM&cid=989508219.1624981409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01e2ba1737f7ab5892e5d0828b2aa967cdff643a8b12a4b71affc57205cab721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37212
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A58 17 KB
0 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:30 GMT

GET
H3-29 200 2207123949525156 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2207123949525156?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4664a5ffff3a1009cbde9d23265c1894252b566a27aea4df37f72cb111cf2154

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75970
x-xss-protection: 0
pragma: public
x-fb-debug: TD6x4c9CXV9vpwL1vfQGtgcfnCe06nAYNy3Cav6KobbJD3hcQ4MbT5edoELOeiJiEulwqaxehYLplGX7eMi9Vw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 29 Jun 2021 15:43:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
174 B 14ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oe6n0&_p=98582532&sr=1600x1200&_gaz=1&ul=en-us&cid=989508219.1624981409&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&dt=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&sid=1624981410&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
76 B 15ms
14ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HWDM68GV8&cid=989508219.1624981409&gtm=2oe6n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HWDM68GV8&cid=989508219.1624981409&gtm=2oe6n0&aip=1&z=687955435

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 2128 176 KB
61 KB 471ms
5ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jun 2021 07:23:02 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 2128 8 KB
3 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRoIMUwIsJQpLrrYXNBcIIXQ-Nqr5EkTvc5kv2SDtM-NPSaU33DWvfA6obY6zqoxOcb3sLIu6m8MH3lxfCxyEUunotc-F7dal42_Rqulzm0uO7Nc7rdf5iFYO7ViuHnqwh-EOSZOB15wqP2WDvVygpeHh35Q&dbm_d=AKAmf-BOxpgAQtsKiCw7um_nUcmMs_9jkye2JbJNHkkLG3P1C4lP0g12HLLn1eEPey_xLou2egvs7-5GqF7B5ses4iDTAWbXe9Xh8HdFjbIyj18bkMbGS-l-5faynoPfYT22ruRY7xyiupLtn6AVHL8mFSW3SQB7McOhDVJ_k5aldQnUPj9SIWP_2sb5dAxAOmRsWW7wjNxBkwpNFGNMbTLy1av1ajedQEperIAwoXnVUl892najprEP_yVZyrYPxTvAwktn_7YmaIjWcYdlfcJS4p68JcYSh2xJ7Rovqn-oH-hC5fy8q_VXe-91-X06ihnSOa3yOS3QHBNCWcm72tcXkunDwzJWHBXPiIG7q_G6cbLRhyeDzjgslTOOW0TyTae5KVesoOi1lbfdqxbROT31nGfPh4AYUUOvB6HSguNruAzfdOYECcKoWa2WuavUGE0UnrUAoaiQikUsOei5zqkvNAIyJu9XyrZNh8cPDi9rRhpOyfnB4q71r1SMMjSw_knL9be6sru_I439ctRQ96t1_AY1exeojzwhBW66obFYSsXdcrLb6tYJ9SVvDl7nH2uT1Gx4QCNYg4hjF-3pXlNQctBEer0s9m6-XJnl-rrd4OOhmvN5lbheJ0vmPv3wj0yaMZFHONK_MQLexfa8bTmsAOyBiBGl3lF8ZmztrDyPRCFv6rsn5uSGF2aPJCjVeWIWcPkKgplr9Q88smz48BP-z25nY-MUPpK0wxaK7rRp7zovsBKAsVJyeu7cqX8t9JFos1xKqGa1mZS2E0Pav0V2RgUf_auJPMrFnMGqRO-bH1_KoyTZMecVn5ocEOInR6b_nLA7HH02iybFpMRcEheJEEfU6o29mgnNak_TdiEBmMoSOLy8zebBTnIO_h9wCFZMEdUcT6JhcJNYqmeE86Y2EMpPSYOqqmAJO6-QFqvdVpNuY-1c0abyG0SN7TuFKA250sBWArBixXJ-kb3cqZFEpa5wN1gPSiQCpjpBRdhr2EqUjYJM4bRULeGFUZoiTWFbWMqKN7gzBitCKv2WQ2M5ttlhT55iUqXR04r8q2Yd7N0WgX6zNf_kSj1WinmldVOfEhg3bQU3zZZseQnkp2SusAVchnZy8mZPbXqMyqe0JKXFBXHOK5cD8yJIFNMvSc3BqtaTqvcsYFJXVT-4_rFnlCmKjbMI_6mKS4foUeKp70H9Ekr25lBiCngzUHltFT0e3W3wHul-T6-0zOcZbxp6OKBr8eNqjm296qJLDVoXgZRAySr5dfB7KSu8yE_egv291uiVlaaNFxAUcSd1rVQbBodQHQedW_H6r7KF9gQPXyOLxewdPpt13nHbIvi6nEsHuyOUu4paxfR-jKh72NrAPhiDuZhUCMwtJiZAj33wdlxDv3avuJZiTiFtwa5cEfk63AgU4cdcPAcbGRfH0Ducm8cuB18QGbbDUjhCzXdICB-1EurcDDdG_ZZV5Pag6CzDc7tVw4uk1UlyyK0RWMKrolyxedb_K1pE3FKveG2Hat8-dvnN7kmpG3UvSNqkWl-671vrXD7XVUu9_iS7FvNWcOyxvoOxFaBx5RYEb_Tz3_nayeUw_uiXw2_ZNCkRL6qI1sxUmguf-DaIyw7d0sPraSic2VwyBy_dh2_O-Zd2hBSHRwZHp4-9NbRNTPDAAvyXCreXV53PnfHZs-nPKGQIMk7NQ4Qzw52p5xaD3tWNYiw9mIWRc9lhrDS4JBiXEQkGfBT6Fx8A5MZhAb2QXz5wT530n4H73ZG9TR7UxuP9qotTWFc4VbdpFW0FW6FpsSbb8_SC7wJ59l2kzaD3btKhfXl_ztVRSkg87mSbQnp5HeDBof5tEIsMW63hQfse6fOSrx1UBjohkv1_iFYpTChz0Uj5u_Bbzug-bgwhWO7emVeDGPIUVyPdZOqZ1wCNFQFoAzFiqL78_Q2L7T5j-yFDv7rNA7HkP4PNzbFrLuZwmA7BgmArn2_vdmeKvlqhvrscClvbC6GsSBQ2ShHekX2gJJEmvgCYlP7kEEpxab1FQJFr5DiG_lFdNB0AT2FBZAKZHvvKVdE4u4qNMkyBiOs3vvtBDKIcCRGj1Yr-UCLGXUedAc7wXiSx5t5tJPj0a7vHOjQ-b9NOVeUEjTlt0f2T7pZiwJ2uyh-8qDQmIxY0hZJqYMQL6Q9sO4R87lHsSJLwEn3Vx-i2Mxz4lRIcg_o_FoVhl-zOakAzrssYCWVcOfSV6tiCWWeo6Q6OT4rP3MZKT5n0BC4-1qeKg6d7aqdJKVowOzjQlpNqXKI_1XemW85wBcKqy_5X1SU-uXAcsiOtTxvrOxD7WRZ18f9qT7cOIrz-oNHKafMISx6Hyudhi6GRJB7oJe8CAVMimuO4EnHmvmZqEvdAXguxGS0BrCIW8HXwIpOr6BpYPQb_iNsWcIfrdgNn_isCrOfpm6T-Zq_e5OfHEQlbk1jAp6Rc1HLpYALCmoV-3hZoWIvK0A54AtQFIlXMAwIwmY5RhDnAHbkdOzA3s_E5fwG8A_7l3Ms4of_9EnAn3yDjhGRwsynBt9Fv7HVyCxA2hoor80NfhyThxnuBBmF2gOrBbso1VOBKm88PQwi5ZaAb3FL817aoWkweLgKlV0-mOYR1FNGydmHUl1snPaGRt4EKr2uzIzyrWsJtUqoTh_9gQQU4ISpuj7GMTFqYLZMFLtYOqKEsbQ7cst6Iai-N5uWWgQfnzpkD6O2AWakwo3DiPF7xqgQ1pO4E4hUYI1AUdgN06_hhoFuQ_FBE6lIQCvT5KO1xBatjS7ZW5GWlGeJVjVpH0qJy_1NobYq4u_Bbjqs2PLIeF7zPmFkDTuE5tFqbIPN_3uCBMT4LISmn9avPUl51mDnUd7fVQpVXriUY-qOEVYhzGwADdRnJnnf5rAlBHwRtnxuUJVq6H5MWtaoR5cAYwSLFInOk0j0F4FYwlc9fbWgv0phEkAhMNyK4khGa-_rMcUUSAu4oaiC0_sKbUZ9AMpKdhlsC1CmnqoI67hxGPACnI_3T9rPCQcHClkI0ORhETrVBUXKheQIyP-s_XMdDD81regd3D5coWStOOZdISnlBgFPpx8J2fSTpjS3ieOgxcA3Km916exh6-g&cid=CAASEuRoyEpbIs3bnk1O7bLewq-chw&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:41:17 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 2128 22 KB
9 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:41:04 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame DE3F 176 KB
61 KB 460ms
11ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jun 2021 07:23:02 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame DE3F 8 KB
3 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-_OGbsUDhfnpzU-ooM4G9biAI6SPqWano5UuT1qRL8CWhlZnDGMXIwVz6JYdw1M6Xn4VnXbp5MO2z0dlqUfaw6giVLEgD4uF_JCOhbsyftRW1lpu8kpKypbcwfZwr2trL5ODgU2fwd3vT6Pcj7LbYO5TmZQ&dbm_d=AKAmf-DL7nbD1yKXyFsjshQK9fqmN39iHcAYIvFNU4p2rVEoaunuSbh5IF2S4C7GfhclqPZZALm_H0963Z6CXI8P9TO8eG6rXduZvHKA1u15ZVv9-MN0pPKnV1VvNnIw4CJDRapazxVAxBm44Pt0uNLdXDa7_zEqA4PFP_7cb4rjUsSGei3nQ-b8nPyuG3EzBKRncW-Os8Gi5Do_stAWO0abiRac4HwGPSTv6beimSZhG5XpwFN0aDOt7wru0XwnYOJI7Vpwz_IkaEH4HEDjobVFROqyp2T-wkJXkathBwYZzoBivJhEP4rkcjOUHMTtZbZVE7AodcuKT65eGRSHZhiD8tuyUUlNih6o9capOlzNxRefZktU5PJFqS7UYOC7p32J2KwzNWVn9qqSEBSOv9FtCkwKg2ionPhihjFVCeiWKH7McpCeZnrVLc7r0XA5b2gNnOm7xyL842hNFR0LnmqAm_C2T3U3j81Gq3C4Ugp8G8VSpbz_vlkmbEd_D_bnKbAVdtT5rzDkapB9e0htY4hkh15OZs9ajdOz847jcJ6FXMRbjLFuaP1AHMr8eoOAsTnPlcDkLLokLGVYamIWSr0K6FJYCMGkGOgl6z4_HJZGu0H3VuOzTY1Hh7XpIMFKKebx8JyQsW5r4jB8dRVgMOvyq2M7WyYaSSzA9Io7N9-Lhj1qce_whhml5b9cVkBVsNUuudTi-_Rd979YIZy9fSy9cRutsCup2CHo6ihzMbgt889h5eefZqeXJ5ndM85Hw51C53no5-hzfpoorkoKqCyZM7mt7FSCO6F81Zb1eVaMpB72yA3Vs3T53YrgkXr331wyBPilU_HRfemAWMrftaYFPQYJCn8Bdh-BCO4lOLSO25C0LmETGFtK9mJlq3Im8W9p_AwnCFcImx8lH_3_azH2nmRw14YEe_ldximYvMTddvzYuZ2txeeO7X6_iDCjimQ7jfecwQcvCroaUFOA5U6vjXVkJfL0DRxjbVRrB9CBYfZupvPyPhaOekswElS4xNz5UXm3feWwo1icyzdcAzO5U-t76c1ZhPEo0ilU75LEHRUP_cAiCYrJX-puIeAeR3otESYF65sZ-_S-a0x1CF6lE4C9LgcwLjh5JciJGk20eJ3D8qgfQr-nbwfpZealrtxolQRdYEN2OcU59wVCODXC29116kMipPdNG_OjgPdL__fcPl2jOehNk6KQyCx4-fh_bBIcU6di8ItC-EBdlVqIgyfWuW1_5ilvORKrffUCV9_omHZC9aW1fZak2GLm1UNhnPO86J0vGPhk-VmNCo_DRxtodl_bhs0Hb52BpbN-GS1V7C79MTSdatNA_sL1AR1XKyvdtlFxXSwliaUaUVEGoAazmS4hy7zyGv6h2-6uoQdkP4QFw8fZUy3sHVxWM3m11H1te-6Oi00EINEb5PoMDa3ObyCHONkvcw4bZm_2_2vh0hQY2G5iKoRHCTrCboA1NCndolQJvYIfsdeavAMwGA6yAkQk4dqhe1uS47jBruMJ9QsO59jODRyJwUwCjJZrIIuucyHuNkz2YqEqiLnZaCNbGHK7kIVpB1jtVSmJ7Rpr6ujvXwJHJWBaAXRjhWqQ_rTKcAxgxhDMAA120wqczbQ7kW45E91DRx7M9ntOzzIa0kSPxAgNQDTBOE_Vz_cdEL-OD7BehvARCWEHuCKj8QSrzokAAz4qFhDBf9LOWwJXAycT1DooPsvoJcr7gNDCEVgmHHApkP9xLgSKYhdPCDMjq0VL46emA8oElDHaWuWuhDjj2Dnn4XmgXcpW27WIsR3671ixxvcX0_xN4ppxUSGWDFo0-nZD6JNOof5pFM6kQzFuITdgBhVczy_g8AOoON3KteEaZiRMOhvjBBPDO9DgfbnryctJQgfqeQoBFEo8CDMD4OQ3WzXUMneqCNdWImmMmPZ20wtqqHaLwHf60ECDzSArtEwE_5MX7gQ2jaWElCbHci9ZxerYG2zlalz_tpHt9eTJEzR5CRrD8JPReqBV6mhRY8an_I8ItWb8CG57IGcNaLYNKRQxGT2kH9Oo6WNNYgaSRa-RguSsaHkb10IpVWsDN5JPoBcLLbGVaLvMIIL3x919kzennjA1WsYcI-902cZUDRoyzjnloBKtVlAdoJ1OAUo3y1zS1nwYv2O52BE8yD5W3pQO1QNMbAN73k_cGJi7_N8zdJAXiKVHz_WuJeF9W26zGwIGrh5hR6l5uDenevzIlIRCwOuEEDubdGW8cc-BNYNgn-vRhrn9rPSv_vTCERVYPMe7pIgAfkNuQGUebET0cSyvrRqnduT6AQA9UEo8TkALlilQ4529CG2VMa4XTdTT2ia-j33Fdim6PEn1NiNgcJB_NgSO6sZe7FS7tyl3pX8EhPXl2s93WSaizYPCoC4tpSf4jpMfgLbYSBibpCfhyHZwahsbk6ycggJY8vJYNu19Yys0t3Y7RSOw_BRISGydobccf_qsgpmQWgUWTq3jArbOiW-d9JNILzAgaSEaF496xv51P_I6k8qegsAeFmvJuNvge7CevrrCMPMTsvEyGQ_ok-5gjruPJ28zbfgq0xhSZo-R4ctHvOaRiY9qYW6uIzy1UYBt3G02fF3vuVcROHCEDPqoOdoYfwjQ1mo_0Jyn_s62e4-S87QWE_uL-QT9MqavO2aZtpyVbQe7MDta_ErFuqFjJkZcW1tXq4jj0I-9E4ZsDKhu9GQr7t8t9ELQlcv9GyU0p0uGW-ofcal0-J6CSnk0zsb_Oap5rv2C5U6f1SVPmwil3Zc2M7CjWwCr-5N1zC4EYjYb1zQroIOln5IdBxmxgs5Q7Wx05rGtwfdf5KfjXiRx_zPV98NXQju9HzDac4zQJjKFIvyE9p_PVy89_RG8vp5w7RzUrIZ_v98ZXOxfZ8CdlL3DeLCmKzN_Q5qmo0qMf1NFg62j_3WpI5x1ZQzA5wHmBiwdRKKBry_93Oj9-NnjCg_G7rE1A7egC6n1qpak4Lm9lsxTUe__xpPNT0iqYnybUXMAURS0CXaNu0a_8zNKtfa5boOD5GgN6i1fvHLwkygSCo9A0bo8HViU6TXtHiUapueO33B2TInCvFk2ENyqCjiHUXGJp16CrA9ndwmvmaT7cc7r2Qc&cid=CAASEuRodgAcSlCyHFnWEep2U0lYNA&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:41:17 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame DE3F 22 KB
9 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:41:04 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7E83 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 23:32:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 576653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 29 Jun 2021 23:32:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E83 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:09:57 GMT
x-content-type-options: nosniff
age: 545614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 08:09:57 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E83 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:46:33 GMT
x-content-type-options: nosniff
age: 7018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:46:33 GMT

GET
H2 200 cxense_data.json Show response
cdn.thestar.com.my/Content/Data/ 58 KB
27 KB 674ms
674ms XHR
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Data/cxense_data.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3089047ef6313952ce00525405c864386636beee48b5968467ac300ca8f2abe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 08yub3KIPZCZWcncQIQn9trDLgbkc8N_
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 15:23:54 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"3f09d98bcb79f2d029f4951821411547"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:32 GMT
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ISaDFZTKW43ArKtBJRUnXDn19XRGMD0hpx2BIRwPuuWC2DBw15CLrg==
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)

GET
H2 200 159.1c3fceccbc80f2a3615f.js Show response
s7.addthis.com/static/ 564 B
634 B 76ms
75ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 29 Jun 2021 15:43:31 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 394

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1

43 B
1014 B

115ms
52ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:43:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A54
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs-o1oXlffGQevo0YHMXwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1

43 B
1014 B

1120ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:43:33 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzjuGpRuGaizVFoB2ayQNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9A54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOet06fTLpalltjh5onwcXc&google_cver=1

43 B
1006 B

127ms
50ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOet06fTLpalltjh5onwcXc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARictLyZATAB&v=APEucNVtbW01CMhez0-Ib1-lEnY5pyq5gPuW4Ziob6sYn8lWYCJC2Q7jJQvqU8b86UgrvFRQ2oEt3bunAzCmuFQFA2DuL6AwPUvN4YRT6afnySXq2ZeckHf4EJg0ZRrSgDgoL-zxiwK4V1CFReNrxvC4LDaUXKLq_DwYssnIqokxEkNSo0cc4Kk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:31 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ba549f9a-105d-47fc-a2d0-86a2c30498eb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOet06fTLpalltjh5onwcXc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9A54
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MzE2NDQ2NzE3NTQwNTQ0OA%3D%3D

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MzE2NDQ2NzE3NTQwNTQ0OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:31 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4fc01c95-eac6-4100-8bbe-ad1a495e42cd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MzE2NDQ2NzE3NTQwNTQ0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 50ms
13ms Image
image/gif 2600:9000:2104:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 08:09:03 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
age: 9963269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: DwpyN-jHsjuYrecX0NX7hArHwsbvDZ1jM2Lxq3zEateLI6kWy3NIiA==

GET
H2 200 6CB2BFEB-A90D-416F-9C19-D69FABC0ACDE.jpg
cdn.thestar.com.my/Components/Flyin/Thumbnails/ 120 KB
120 KB 34ms
34ms Image
image/jpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/Flyin/Thumbnails/6CB2BFEB-A90D-416F-9C19-D69FABC0ACDE.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ff2d096a7c2e70277dbe0332e7b66ef8cf552fc7aceaa9c8d848f31e3c69172

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dsSXMw.q4ug71CnGJ906XwAefpwUVVfb
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Mon, 14 Jun 2021 05:07:15 GMT
server: AmazonS3
age: 139
etag: "7605048f8fc437c037ea30e68e0f65ff"
x-cache: Hit from cloudfront
content-type: .jpg
date: Tue, 29 Jun 2021 15:41:52 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 122567
x-amz-cf-id: PvifXnMepbkwPIwEzRvrrmTm3hX47n1k0XH7f1H0pabB7HPbfvYP2Q==

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7E83 102 B
132 B 19ms
18ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbbbc429a4bd535adb45f9ee2f1f8b899a9dbfccb4e11408e3ccc177563c2ce3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=invisible&cb=ht7eorxf80av
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 29 Jun 2021 15:43:31 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9A58 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E158 0
0

GET
H2 404 prebid-june21-LUPON-4.34.0.js
www.thestar.com.my/news/nation/2021/06/29/rtbpass-us.andbeyond.media/ 0
0 427ms
427ms Script
text/html 65.9.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/news/nation/2021/06/29/rtbpass-us.andbeyond.media/prebid-june21-LUPON-4.34.0.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /news/nation/2021/06/29/rtbpass-us.andbeyond.media/prebid-june21-LUPON-4.34.0.js
pragma: no-cache
cookie: cX_P=kqi7z30oj2ens4gn; outbrain_cid_fetch=true; __gads=ID=871a92bd5d3d7a59:T=1624981409:S=ALNI_MaIi8x-BJMZnYuhE3MnXGMAxlxh2g; the_star_session=eyJpdiI6InZ6ZkJ6WWJiTVwvUzBkVU1nWDBhOCt3PT0iLCJ2YWx1ZSI6ImEyeFwvME80ZUNGQkFuZUxWWVJJZkdDc0FIMGlaM0NDV1hUUWNpWnZlZmg3a3dTa2hOMWRlakZSS25JMkxIRVBNIiwibWFjIjoiMTYyYjc3OGI1OTA4ZDFhZjJiNjNhNjBiNmQ2ZGE0ODEzYmVmM2Q4YTUwYjhmZWE2NWZlN2Y5ZmVhYzNkMWIyZSJ9; __atuvc=1%7C26; __atuvs=60db3fa096d5ce8b000; cX_S=kqi7z4ve16hymatf; _gid=GA1.3.960485658.1624981411; _ga_3HWDM68GV8=GS1.1.1624981410.1.0.1624981410.60; _ga=GA1.1.989508219.1624981409
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thestar.com.my
referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
x-amz-cf-pop: AMS1-C1
x-frame-options: SAMEORIGIN
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
set-cookie: the_star_session=eyJpdiI6IlRtbmxSM1VhdUhjTW1RVFE2MzlRUnc9PSIsInZhbHVlIjoibHdpOGZpSkJQZnhBXC8wQWFOaTJrNGI4cG00TlFnU214T1hrNmw5VmZYV09nY004UHVcL045RnNTRFpCSGFxT05MIiwibWFjIjoiMTkxZDgxOWI0ZWE3Y2ZkODI4ZTU2ZGM5NzE5ZTA4MDIzNDdjZDgxMDJkNTZhN2VlZjlmMzUyZTc3ODE2NGZlOCJ9; expires=Tue, 29-Jun-2021 17:43:31 GMT; Max-Age=7200; path=/; httponly
cache-control: no-cache, private
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-cf-id: TTJtGcafyAEnr7h3us-SBQivKKdPCD8mSItIRWAfoyrXiP4AUEBb6A==
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 120ms
43ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:14:08 GMT
content-encoding: gzip
server: Server
age: 19762
etag: c457e964d47ff007ca9e04843536c474
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: SOzAdyP7.FQsxAjkeGom0RVGr_hQgEwt
x-amz-cf-id: tpvvDKyZwVZB8TSpPyhQ56WP8poqZSPDBcg5BKxpdeE9G86J-c4jqA==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B2EE 42 B
64 B 52ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2UQ_Ky4r9A-flWcZ9NKvvVsghdXFQojz8rT8zi9rthUBM9JtdqCGpZYNg7aIRizbZpqG6CRqo28-HyidgZUPYCJHQpqpJlW6AiWbkyIPvCj-Uo3rF&sig=Cg0ArKJSzAK-VcYb6vxTEAE&id=lidar2&mcvt=1145&p=167,315,257,1285&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&v=20210628&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2910908103&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624981409711&rpt=649&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBeeEQHUjlIXO114v3jdEP4&google_cver=1

43 B
106 B

57ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBeeEQHUjlIXO114v3jdEP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBeeEQHUjlIXO114v3jdEP4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg2NmRhYzktNWJiYS0yMjIyLWQ4MjItODY2NTRmYTllZTBj

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg2NmRhYzktNWJiYS0yMjIyLWQ4MjItODY2NTRmYTllZTBj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg2NmRhYzktNWJiYS0yMjIyLWQ4MjItODY2NTRmYTllZTBj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 7B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPVj-OkGg96i0yDxfwptzz8&google_cver=1

23 B
172 B

62ms
59ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPVj-OkGg96i0yDxfwptzz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi5uryZATAB&v=APEucNUQKIWGYTNDiikfjyWORfCE1duHqobToS23pTW4K__DNQru10dzhYkJl8cvw-mRGhEPolxkJ7vw_TqBmBy05EoK0Hlj1c_GfuEiOOOW_9aH5a6vT1QEL-R6zKlAmejHx9AgenV7po7FV53Iaz_Wa_HWIkoXHws2KKia93Zu_f7YuunHUMo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 29 Jun 2021 15:43:31 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPVj-OkGg96i0yDxfwptzz8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmE3YjlmMmQ3ZmE2YzUzODRlOTc5OTg1MmZkODAwNjYxMGU0YTEzNA==

170 B
188 B

45ms
44ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmE3YjlmMmQ3ZmE2YzUzODRlOTc5OTg1MmZkODAwNjYxMGU0YTEzNA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmE3YjlmMmQ3ZmE2YzUzODRlOTc5OTg1MmZkODAwNjYxMGU0YTEzNA==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Tue, 29 Jun 2021 15:43:31 GMT

GET
H2 200 7021.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0012/ 684 B
395 B 26ms
26ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0012/7021.json?t=451383
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.309.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578222397df0cfe2eff3110bf872cdb1142057c5a3738bec7842625ca504df86

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 89807
ce-version: 11.1.309
content-length: 277
cf-request-id: 0afa09aeb200004dd62a9ae000000001
timing-allow-origin: *
last-modified: Mon, 28 Jun 2021 14:46:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6670455decb54dd6-FRA

GET
H2 204 b
sb.scorecardresearch.com/ Frame 5614 0
338 B 63ms
63ms Image
text/plain 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10247&cs_ucfr=1&ns__t=1624981411496&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10247%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DAT&c9=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: cZrDwVcJvhTKHwJEDqY4T8_V5KehN0uMHEJxE57l0mdhypTN_IT8qg==
x-cache: Miss from cloudfront

GET
H3-29 200 1133176620062218 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1133176620062218?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bed68d074141b68490f52a6926c3768d9e8c860cda401ba9ae8990f4cce40ae2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75904
x-xss-protection: 0
pragma: public
x-fb-debug: tikFimEmVgO1KMy90etRAxhKUEj0VU4+V4ID2oxJLTObddaj0fwd+ueXUTOg8w+teV/6sLhH5vr9+ms3L/zN0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 29 Jun 2021 15:43:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207123949525156&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&rl=&if=false&ts=1624981411514&sw=1600&sh=1200&v=2.9.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1624981411513.876277891&it=1624981410787&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 29 Jun 2021 15:43:31 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 372ms
122ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST t
t.lkqd.net/ Frame 45E0 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 345ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame A9B9 0
167 B 355ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 3ED8 230 KB
61 KB 40ms
40ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981411.cds057.am5.hn,1624981411.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.0/ 162 KB
46 KB 129ms
44ms Script
application/javascript 65.9.77.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by: Host: 52a360d4000447a08efd7617080680a9.js.ubembed.com
URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:59:49 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 18:50:36 GMT
server: AmazonS3
age: 10809823
etag: W/"5989757bd8ad29a05f48a0b643993aae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Ha2vPvlSQNxeMcFpSwI912TXrmoItNQgvcaN5_qH9CisFsphb08iYQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=98582532&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&ul=en-us&de=UTF-8&dt=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEADQAAAAC~&jid=1676668606&gjid=1174496197&cid=989508219.1624981409&tid=UA-828580-1&_gid=960485658.1624981411&_r=1&gtm=2wg6n0PVM4TH&cg1=Article&cg2=News%2FNation&cg3=NA&cd6=WEB&cd7=Article&cd11=Article&cd12=583188&cd13=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA&cd14=News%2FNation&cd15=NA&cd16=NA&cd17=Metered&cd18=MAHB%2CKLIA%2CKLIA2%2CCOVID-19%20screening%20facility%2Cterminals&cd19=English&cd20=2021-06-29&cd21=NA&cd22=NA&cd23=Short&cd44=&cd45=false&cd50=0&cm1=1&cd1=989508219.1624981409&z=727393529

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 728x090.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/ Frame A341 42 KB
10 KB 27ms
14ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0daed5732706bcae388ef92d1ddc0a1ee8aab342342041950a6af921e47884b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10135
date: Tue, 29 Jun 2021 15:43:31 GMT
expires: Wed, 30 Jun 2021 15:43:31 GMT
cache-control: public, max-age=86400
last-modified: Mon, 07 Jun 2021 10:16:40 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2128 0
61 B 154ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvOrJ7PqqziPUKjZ4I5LlVqprxx7sUV2Bv2zDnwo1nxqDKvce91GW9Vml9Tobg5M8qndD9MWoz-0LfExUaGqgKkZAfyPN1HLlTOkz4RF8M1lCvsIr_cO7wwtxqGadDJD_ouG3L8YWOvAkPPHXpbStyBsXZc5dPPri8DrADwaz3BXnekzsr9l3jpm_YocssJa7EFW3QNXmyxgRL1LDCnF3dVUrz87QroQ6DRHCOVUADvFgBTE7QxBSy3G3Yd5wWh_tSA5nTthIIh0MRb_49e3dr3jtro5Kd0stoG8roVCxP-3EKoqqBGM6YxnnlcfDBEHmobXQtqSKodslgQStTs74Fap2fAa-mAGXXHnkJIr_oj06OLQKBT_nyAyB3wmiLtH609rngP3VPxR0qf8zsk5Hh8Hb2kra9JavONcosvCih5P2Hdd1aa63HXUxRE5T0gvexCVdN7Q7X_3ERdbHtP2tBNJlJANbHicZRf8NkWy-L4LlSsltfi4JN2MZ10bhSoETpZ6MwYbJxJgQdnuk8qG5JOx-BqEn7Wnzi3Gy08f5rPQgyvFksibThwGVQOnw3he2261Znh89b0QC41yBwgRSMe2VeAsqfMh_Aj9mwTo0CkskhPS-VnWXEFcYpwYXiqHuCd-bBcx5HcIFjjHpeDUWvrPSji3H7fg4Q87mtQuTV60Eokr-e9_UNfDk_MhwXVl4yAvUZ3UXP3k2UjJPCsTAjiiiML5xuJarTUkzotkteQN8VRpcPLAzpw2PpZJjLfXuzFqC7cUfHoMcgJFFITxhxj6pR4UAJ3aS5U6noOnRpnw9_PfUaNbPmbDE45F2oWmDOIMdKHz-2flZyd6GOE21YCqE370s0KJLqItLHQ3ODlFlvjEeciSdu7nefdUwrkJO1_zWHowl3E8eKOVy_q4h11LKJMRdbi3DxHGBKGBX4JysYRN-8LHvsjexvpHRCeXW7XiWlG_5BX7hHfo120YWbTNXizKnq0hN8_Q_1M7AFGFpFu9roSnLKm9R98qTYCcoipjXaGWymm58a7UODDWjbHAxpO0anT3bOkb5fN9fM-IIvL_P655xdLU36XFX-4q2ljOMWMiDgAOkHExVbysvNMQUO0GdL1NXSow_KRH0Dud0vutSS1si-wwOzY-L5bgb5n4cAXvNaNePwkShLcvrKIGDbjVeDCJnPCWYtUkZ941Q-F6LCgAT7eXSL3lXHqhhsmW2bkKb3iqiy81JAf-PFajFec0Zi&sai=AMfl-YQzPgb9Xm0WnBlT8o-9Sb-IqQlBDL0bsntrZruoeRsoRYr1OfHyiDNwFRRpkHejv4PM8hpwRi4cc5ax8vGVGzy-c0s-H-cMeBFjkv0naTbi_rMg8cdbj4oGNIiznl0OZ2RW7eN8zS0HccpMJOypsBFNuhbf0g&sig=Cg0ArKJSzKho6OPjM4W-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=855&cbvp=1&cstd=847&cisv=r20210624.62342&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 29 Jun 2021 15:43:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 37ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-828580-1&cid=989508219.1624981409&jid=1676668606&gjid=1174496197&_gid=960485658.1624981411&_u=aChAAEACQAAAAC~&z=1638086536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Jun 2021 15:43:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 300x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/ Frame 79A8 41 KB
10 KB 15ms
14ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ddd478b0691a413cb1e2494aaed3e2b7c206930c228faa1b1834927fde2fef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9908
date: Tue, 29 Jun 2021 15:43:31 GMT
expires: Wed, 30 Jun 2021 15:43:31 GMT
cache-control: public, max-age=86400
last-modified: Mon, 07 Jun 2021 11:49:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE3F 0
592 B 128ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst88hqNeB8ZwZ9i6-IrIUQZG_48_NsyduvPXjwRfpLYKHxzWi1tVA1cEjlRRnjgEcn-NtF9gQS9lUJPyz1WWfiF6F4NArZb4KZ_Hbi1cSzMbijogsofFDrxjml_2zgGLskN7y4y1vFYCNjyl91p4jfdZfHuPWsF1iT08Sl7ahfOoN6zZdB4aKEBKIyHq6l8oRG4QC0Cxa9JX7W5k_cXa_GuIe4SdsnKfauSUUW2XfVCCRhQkpsANp1Vzqskb5Tl_uRkX5wCUvKl_QnSWa55yww2_pYoqaoxTOcUjxZ-5YxrDZFS17dZsTMWaNv4AhExCX0BH05yMXL9nvukXpWC67gT0NmpzVNusfDK2KY1BjUMFKp8MesGnLBgdRKLMun_Al2VXV3ooca84Kkbt69AIRX5Nted0X7ypFSTiLoX9Eg9yimJ-Y5jTo-rfg-zNTOO6a918YgGVO8dbb_eATE8awgnc4SWQCNsfNXZjKISiIzPLci-g0RWKZO9BFyYphJFxc_Y93lyaXGozx1tzck75zm7w_Gsa0yJjDaQMHjcQIvxsEqfOS8skfQ2qila1SGFaW3AqasgNT3HpglqD_36MsLvru4SOsgQNr3_SNBL0nsCVKS4K0pfvOhKUym-j9wpGdu7ydo6Q7_5AOExmciwswfEyb8Dl3qiKoS5mgSvNfGDuYoWI_ki4kNUiqTMT_aDCGvnJk3Zkcs9boyS_anqJ1Pg0sZ8KqHRUsw5GcPM3UrwxTehFg4b5mD7KjijFPCH9jdhNMChHEx8FEiXTcz5QfVSLBzqKz3VOILkmbzC7fx5M2OEm0EsDl9Q-KumkWXGjJblsURqxCIH1m7ISw23Qba7O8iPv67xjYjT1K1RKaOnThGQza40Yxsosgl7-U6ng2Su9xGYgidVCo4C6NPNSRAcCCQFswqJohQZewPT8yKxkfIJzKQ-wX_sWPayiMv6NYS8LO-swk2wlK237_iY5yGLoR8BwdAN6cAiqTld1bxcoor4puibfT506P0upcRP22LSCExOIE2ZBarKUBZ-mzjepDoRtB9aVjD31IlLHtrTDuXGgdTiVEXqv4Wi08Hpy1WvEte-eMmp9BTpx3BpER-Loo_XERApqFv2yBhKVX8xm4RxeHqWh7aGdsVp5uCud4MNqJcRimYLuveFfFjl0RbTDHOVMnVwvNQkvPvuwRalaPCjG6KxuMmonq3ol9b59BxhfAvGCfnG-vBhg53_2lMp1_kYvft9TX4MtZt2&sai=AMfl-YTqAYPEETQQTvyjw_b9yPfoPkWYDikKLD2EhUB6qF9NqpnDZSzOHDXeO5nJpMKzyRXwhWDKPxH4pf5vSfU9UvRyZhsb9xkWqjGUrkgG5qwHfEpUMOP7-wdMpH65Vz9w8qAn0-NPYu7Si5aYtDAq6w2ff7Xfrw&sig=Cg0ArKJSzNL1XonRtEcoEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=864&cbvp=1&cstd=858&cisv=r20210624.54086&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 29 Jun 2021 15:43:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET cs
cs.lkqd.net/ Frame 24B7 0
0

GET

cs
cs.lkqd.net/ Frame 24B7
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

0
0

GET

cs
cs.lkqd.net/ Frame 24B7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1Um4MFqSRfBYOteMWpEttVm7qN0

0
0

GET
H3-29 200 2102948126432240 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2102948126432240?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33375c3a72d8e8186860e21f1e3c836def7c5197946d626ee3305873ddfca81a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75966
x-xss-protection: 0
pragma: public
x-fb-debug: Ingh/0jDfaWx7YsEMPErjRLS2PF1VZd++L6d43tAuuFvXAl4NsXLCQNIgZtTZarW4s/eHT13+xjmnlfFsUUZww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 29 Jun 2021 15:43:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1133176620062218&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&rl=&if=false&ts=1624981411775&sw=1600&sh=1200&v=2.9.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1624981411513.876277891&it=1624981410787&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 29 Jun 2021 15:43:31 GMT

GET cs
cs.lkqd.net/ Frame 6E39 0
0

GET

cs
cs.lkqd.net/ Frame 6E39
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8531091146276700440

0
0

GET

cs
cs.lkqd.net/ Frame 6E39
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ykHQ3-BwSPdhPLAd1rKpdlm7qN0

0
0

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2128 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 12:39:50 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 825F 1 KB
753 B 35ms
35ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 29 Jun 2021 11:57:52 GMT
expires: Wed, 30 Jun 2021 11:57:52 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13539
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2128 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dab79488353b6c60b5735605c4eef746efaaf7c6cd44606499e444bbf0a987

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DE3F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 12:39:50 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F57 1 KB
753 B 36ms
35ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 29 Jun 2021 11:57:52 GMT
expires: Wed, 30 Jun 2021 11:57:52 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13539
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DE3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c29c8ebb51d4f2aa896e2dd4234921a430a6a10d993b06683045013d32f78aab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-828580-1&cid=989508219.1624981409&jid=1676668606&_u=aChAAEACQAAAAC~&z=1539438072

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-828580-1&cid=989508219.1624981409&jid=1676668606&_u=aChAAEACQAAAAC~&z=1539438072

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7972 4 KB
2 KB 40ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981411.cds057.am5.hn,1624981411.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 3ED8 41 KB
5 KB 696ms
695ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56691633&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 32d3c244db33b7a660c9fa43c2ccbd743df7cb5edda38f6063c418d7f952053f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4661

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 621ms
39ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 1868
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 15:21:41 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: sFiIO-hOLpHj5T7LyUN9AAD5m2dPQCG78quAg3eghnGVvxd7zIv0dA==

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2FAA 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 29 Jun 2021 10:28:06 GMT
expires: Wed, 29 Jun 2022 10:28:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame A341 110 KB
38 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jun 2021 07:23:06 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A341 60 KB
24 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jun 2021 15:43:31 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 79A8 110 KB
38 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jun 2021 07:23:06 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 79A8 60 KB
24 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jun 2021 15:43:31 GMT

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 362ms
116ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56691633&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:32 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2102948126432240&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&rl=&if=false&ts=1624981411953&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.2.1624981411513.876277891&it=1624981410787&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 29 Jun 2021 15:43:31 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C9A 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 29 Jun 2021 10:28:06 GMT
expires: Wed, 29 Jun 2022 10:28:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE3F 0
23 B 212ms
75ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2128 0
23 B 192ms
76ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 534 B
404 B 411ms
53ms XHR
application/json 52.19.7.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.7.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 54aee6335e0b80f8e1b61651df88941cb2de5d1ee95dc9adb6599a431c9a9c1e

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
content-length: 244
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIVfHpwfsOr1kuZI7TIibFA&google_cver=1&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-SoZps1pW0TZDAa
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=22DB9C3E0E404906B25811D4F1072A4D&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-S...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=22DB9C3E0E404906B25811D4F1072A4D&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-SoZps1pW0TZDAa

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 15:43:32 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=22DB9C3E0E404906B25811D4F1072A4D&google_push=AYg5qPJS_CamWQ1UJje2u6ZYrg2yVaKtDfUOw4Mq5XBm1nSXnJdUJkBYOwz8exMit5swvmpmQ1jyTnQFx8PxO-SoZps1pW0TZDAa
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 28 Jun 2021 15:43:32 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN2ytsuj8dB-P2vOhQ3QINI&google_cver=1&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZE...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=92neMTigQReliGZPKa6c9w2&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZEoT43HYKJYg_Z

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=92neMTigQReliGZPKa6c9w2&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZEoT43HYKJYg_Z

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 15:43:32 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=92neMTigQReliGZPKa6c9w2&google_push=AYg5qPJQvZwnZvgbh0Ngz2qAGEWpew2VTLmbXZNAg1okthQnbYMZncFATudRSRAQ51hlMndsLOqTBIi_nMsYHOZEoT43HYKJYg_Z
x-host: tde-deliveryengine-production-5b7dcdcc4-5cxl5
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEO47pjDgRSF9qmxMWYzocWY&google_cver=1&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO47pjDgRSF9qmxMWYzocWY&google_cver=1&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQm...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m

170 B
188 B

45ms
44ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIOSzJ3OYgPMsjDgGvHCU_tpD6ZR_ZAurdhifjllqmI4hlcR7CiJidYndWR65VnIBelynDhgTGbFN_XrjXEQ9OQmTQuSF0m
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKfoauASNiC1HXrkt14-zCw&google_cver=1&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_Hx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKfoauASNiC1HXrkt14-zCw&google_cver=1&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMjUyODA1Mjk1NjA2MTA1MA&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_...

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMjUyODA1Mjk1NjA2MTA1MA&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_HxMDPmAy09SWAbEJKEywA

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwMjUyODA1Mjk1NjA2MTA1MA&google_push=AYg5qPKWSPeYXvC04iBacWi4USo-nFfB7RJvA7LIqSDBH8GfD46ZQ1tCFun12EgjDr750JY3RbXfz_HxMDPmAy09SWAbEJKEywA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBrA2xYxXHkoxktqk56BSWE&google_cver=1&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq&google_hm=61-DPztLxagrtpBrVlIa1g==

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq&google_hm=61-DPztLxagrtpBrVlIa1g==

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJGTJa5UuCM69Bxqw3LJaPJStUE-WpbRq_JwGJv1W9GrTJRnMJqibhVk5UIBgWHiZdRV2_9VF_Wum7k7Ud58mgR8U8StJq&google_hm=61-DPztLxagrtpBrVlIa1g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: d7ecebrbejto46j2kbaro7gqhtrgtkpg

GET

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 825F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJapnyTJ065gEasZK5Y7zOI&google_cver=1&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm3eiBUMgv_Bsj

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm3eiBUMgv_Bsj

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 15:43:35 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJsudtUf9nq3BXnbg4OWXu80hndmlDmJ8h7PdhDvQzQQH5qqNqTLlSbW8QMMWeHvpTlhPvOdTmb_VQqiDNm3eiBUMgv_Bsj
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: t5Nn-2kF_vI533qmIcl9BALkFVJ7ccbKMYxoM0mdbLRAnJ_YMbMK_A==

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 825F 0
12 B 232ms
230ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLSRxrf6AcbqJ15f4FvPvd-XfXqqr7pG-efdga92QoTmy4FBJ64ApgnqtmU8Lhbsz9FZ8S

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryF1DPwfXXP3oe6HtU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 29 Jun 2021 15:43:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A341 5 KB
4 KB 50ms
50ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1a2536c621cbe9de9deaf49303fceb978d91afba13f8c62f80fb91e34154e3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4299
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 79A8 5 KB
4 KB 51ms
50ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4c84de696adbac740dae40dd2a6ea15b6a68534ca5b209b4c3a08a7ef58282a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4248
x-xss-protection: 0

GET
H2 200 583413.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 670ms
670ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583413.json?callback=jsonCallback583413&_=1624981407688
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46f3afe57bbb93db6383ab0e0eb010f1a6bcc51fff314f9439017611f416e0fd

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:33 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:56 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "7ee1e8ab7e25d281e68ced60edb778bc"
x-cache: Miss from cloudfront
x-amz-version-id: qhXl8mSw6oHU_GdUPEr9iM9E.tGKop0T
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2155
x-amz-cf-id: -Imiqmg44T9YAP_-5KYaGyetQjKIU0zPnjkt6ZQy7m2BWYpNluvEtw==

POST
H2 200 t Show response
t.lkqd.net/ Frame E61E 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 120ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A341 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:32 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 79A8 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:43:32 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4F57 35 B
463 B 11ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP4L5OyKeMg4E7pJ3_DnE7g&google_cver=1&google_push=AYg5qPIQJMtaBGSJkiIdEjIukSBBFvj2-O0TpVNXpEozoxSZHUdHs6jzpwf4evSiTaWCmCQU3CiOCda7sO1PCeSQ66jIxAL8FoU

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEApERv1yzh7oDXND6itWg78&google_cver=1&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6PtDGhdA&google_hm=CbJQ7RcYSHaSoAIDA7jJRg==

170 B
188 B

43ms
42ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6PtDGhdA&google_hm=CbJQ7RcYSHaSoAIDA7jJRg==

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJrzRyTiNFCSjeYPbg95lZaAQue-n810ZtJcM0_cKfklUwBZOXN3nrz4ZmXVlCegrAO-S8VN57pA_gVDuFSohC6PtDGhdA&google_hm=CbJQ7RcYSHaSoAIDA7jJRg==
date: Tue, 29 Jun 2021 15:43:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBrA2xYxXHkoxktqk56BSWE&google_cver=1&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg&google_hm=61-DPztLxagrtpBrVlIa1g==

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg&google_hm=61-DPztLxagrtpBrVlIa1g==

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:31 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbtmIBMOpaXN6XRubUZxw3i8ezajFZEVmQ3uxB2KeQVSG5YTKlih-kZnpC34BUe7p4IkkjPXjgrosRoqmQscCG2nJr_Vg&google_hm=61-DPztLxagrtpBrVlIa1g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 6lqjmgjv3dfojb0n2612nek35b3bn6v4

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG2YAo9lERgTB12Lf5PLw3Y&google_cver=1&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJN1o3Mk0tRC1BQlVa&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9hpANRe0A4Bqa98pgveQH7ag

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJN1o3Mk0tRC1BQlVa&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9hpANRe0A4Bqa98pgveQH7ag

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJN1o3Mk0tRC1BQlVa&google_push=AYg5qPIsnUGtdFZ6QnZz-iOQlyhOaa-Pq7NQeamN5Cl4JGpM-dOZYyV_JCxpgAjRuqr5EccOeT9hpANRe0A4Bqa98pgveQH7ag
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ1yC37rwnvuyH7KM3tD...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8&google_hm=A1FStH-pT0zGvtfibN__A6A

170 B
188 B

45ms
45ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8&google_hm=A1FStH-pT0zGvtfibN__A6A

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ1yC37rwnvuyH7KM3tDwRw5RYuhBg9FnBp8UuqpIABcjw79bHEM1hLafEFwvQYMM4qFyotVmSSvLdDAhD1S9XesR_ahv8&google_hm=A1FStH-pT0zGvtfibN__A6A
date: Tue, 29 Jun 2021 15:43:32 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5152b47fa94f4cc6bed7e26cdfff03a0003
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPFzXScq1Yc24__xqglCCJg&google_cver=1&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNzYxODkxNzkwNjE2MzExMTA%3D&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNzYxODkxNzkwNjE2MzExMTA%3D&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNzYxODkxNzkwNjE2MzExMTA%3D&google_push=AYg5qPKN_p39H2cK7YYTvWFvcn1jRjOccbuHkT3AOWTuyTCl49NXpUFRdFhXyE9gFgRcAzbbuVN3vuwHFKpC8vWv6I_phdpH7Gc
date: Tue, 29 Jun 2021 15:43:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4F57
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBHmHpZHMQb1MrfTamznjHU&google_cver=1&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hEN...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hENVXc0tCLm8XkDw1xntgJXE&google_hm=ODAwOTAxNzI...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hENVXc0tCLm8XkDw1xntgJXE&google_hm=ODAwOTAxNzI0NjIwMjc5NjUy

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLWlj-N5EQFw_4o-L4Ti2b47PjTqLQCLEaPAE5l-OHL_PYXCNVtVJ222NiMD8YnNGH0XH-hENVXc0tCLm8XkDw1xntgJXE&google_hm=ODAwOTAxNzI0NjIwMjc5NjUy
date: Tue, 29 Jun 2021 15:43:35 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F57 0
12 B 48ms
47ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IguWVytzw95LNHjJEgJTk4q1iAK-jD62AbZeB5PkjyGriJi8KvQMr7dyyaX362pIlPY9gP

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET cs
cs.lkqd.net/ Frame 7972 0
0

GET

cs
cs.lkqd.net/ Frame 7972
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

0
0

GET

cs
cs.lkqd.net/ Frame 7972
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

0
0

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FAA 14 KB
6 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 10:45:51 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C9A 14 KB
6 KB 35ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 10:45:51 GMT

GET
H3-29 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 79A8 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:34:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
age: 542
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:49:30 GMT

GET
H3-29 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 79A8 47 KB
47 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:39:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
age: 216
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:54:56 GMT

GET
H3-29 200 60005582_20210602070710916_300x250_Intro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 79A8 33 KB
33 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210602070710916_300x250_Intro.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a59e015cf58f111026f7b63465879a9808b48fc20620eed82f859fd59b616d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:25:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 14:07:10 GMT
server: sffe
age: 4712
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33413
x-xss-protection: 0
expires: Wed, 30 Jun 2021 14:25:00 GMT

GET
H3-29 200 60005582_20210618032002730_Streaming_STOERER_ASSET_neu.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 79A8 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210618032002730_Streaming_STOERER_ASSET_neu.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

646e5528abeea0c8cfb3006e2eae681f9c2776529655b69c634aebce99c2a5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 21:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 10:20:02 GMT
server: sffe
age: 66129
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2912
x-xss-protection: 0
expires: Tue, 29 Jun 2021 21:21:23 GMT

GET
H3-29 200 60005582_20210205050132134_SAM_S21Plus_Tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 79A8 44 KB
44 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210205050132134_SAM_S21Plus_Tab.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9811ad7d048696f000f806ddc8927cec84f1aef9c885739bd5b6147645c1899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601774/20210607044907076/300x250.html?e=69&leftOffset=0&topOffset=0&c=SCNQJUjNdm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 01:21:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 13:01:32 GMT
server: sffe
age: 51730
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45129
x-xss-protection: 0
expires: Wed, 30 Jun 2021 01:21:22 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 79A8 43 B
607 B 101ms
33ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_290977323_99454634_-0&ref=25124645_4307561_290977323_99454634_-0
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:32 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3-29 200 rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js Show response
pagead2.googlesyndication.com/bg/ Frame D4CB 14 KB
6 KB 36ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5752
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:33:14 GMT

GET
H3-29 200 rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js Show response
pagead2.googlesyndication.com/bg/ Frame 08D9 14 KB
6 KB 37ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5752
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:33:14 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynAD11KwiH6r7MF1w

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 29 Jun 2021 15:43:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 6 KB
3 KB 113ms
31ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 09 May 2021 19:55:21 GMT
server: nginx
age: 2251
etag: W/"b83f21b3b86f8c5af4a60b50b2412f5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: clear
content-length: 2692

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymlrMosRysuiFxUor

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 29 Jun 2021 15:43:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C9A 0
27 B 72ms
72ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bteusoj_bYJbnKZCl3wOe3bOgBAAAAAA4AeAEAg&bg=!np2lndnNAAYo4NJEKOA7ACkAdvg8WhBxFHHEqS9KMZjg6ehqwzHecajoKYOTFoGFOvfzy7TyEq11kwIAAAF2UgAAABZoAQcKAFIgSoGUw8fOEMW_28bDtRZtRhKExMrGb8g91acwUSpECEBNN2B8SUrk0UJGGrIixs5G_ZlCdJkRHpytMnGZ0eNU-y_UDT3evKWUtmYhie8U8-WUmQLHHAWqj8_XtBr4jg3rZE0p1uLCkoaBJ0cVGNXqJ4uY-RgCsddRTgbfcQuUDSMot6L3APOoL9tflPHLl_qMjaRJfzl686coVozHL_RaaE3UeofMbPcSPySkgwBdNK4SWqorkP9xA29CRriYNEizV3btnRKuNjMCYvOzhwygyk_gSc2NwmIynJdGnIx34QG8MMvakPouBdeOsqzls4gbp7XzKUV8_eJxIuHI_UqIfmYAw9iMfbm2TwSFh-USDVqTb9QhK7q2F3DJBnns23vKCMc0My56DfOhTMRQnFCHCgWb86ZQ_GCEEeZn6YePWP78ry1w35WPGyC_LeTXF4LP3-759mNs9Z_OELNm6LAeviKapBEOUS1Il6VHDbB2T1rQ3n_vT-tWD-jAI6de5pQmtVSP630DBKXNJoqG9qRvmEaDbi9tM2Owlm4UOHDoaIYwYGt5ioGch_uZyPTRzlcXMkGKZ6XHXSp9pNP2vNmyzC8SvQ3xPTefcFBAAbSoaG0jAaggWI7PeMcBNux6RjltJv3vyZiPuuLvoLBGII14kx_0OYZ8VYazkdWTH5yZXCvWQG0zLmT1bRS0hxoIO7WiUDcGYyl3TM-dRLiuGPnpfKG8iwePPhPsDyVQKkbvjM2ITohVXS2ua9bWimv2vcSf1ROYkqELRqHGGW-WSSS3zK1vhzT4gkuYkmHyi3KvO_1LaOEJA9UQQtgyTTWEHjW4yP6YyTVVZ9WyJXtovCOeBv1EF48NFbbxDOiTYgVxJshZBjwwUdt0uQPVX65WCsoOfy4PLKbLEH2_gpPt0f3d2xEc8VKp_FTknHymYXILMfRMGt0Tt_Sqrl1hZFvrn7gELINbF19xN7kuzBDzD6TZTs2dmTSb2SnDVD8ACY-YosHDn4JIxQNLGScKwW5Rk1wX3tpQN0SbrVBJS7xcIp4rDT_JNyfRZ9NGY5Ex

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FAA 0
27 B 72ms
71ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCSnpoj_bYOu2J8Tv3wOO9qvgAwAAAAA4AeAEAg&bg=!lJell9PNAAYo4NJEKOA7ACkAdvg8WpY-86yNPIlUrkbu3DC0j1DqPG0b6c34MxV5yz6v-_HUOfGQUwIAAAGMUgAAABFoAQcKAKdwnxDQkFWWXgDVnwNZGOO7606SE8K1oQL-PMfZWrrx7le9XIkV6PiI_mIEAuhActAeG76FNZ5hTiKy7LOrwaYe5k1VGQY6wcmBbU5LMepiqXW47j1L_lMf49SxY6tqsZ2JxMU0-BdCHu-LZAzGvdlRnpEQbGNQetQlgvJ5it-nQWmAK-Y4cMuGaVOKB2EDlkJqGXg5G2fPsLQjYlI5IQ1AQFa5rLOv8ZkCyO69Gw7SjyEzPWd-llPOX31wabLe47wclUIuHoqZW4KHR5r97eA5cWzxd-MOOTjRe7DcGUWAs0i2nAkTvXJaYvivToDLDjOYpuprH0BVPwLooDx_PrCfn3vH4uvZsKfXefBhITbCizV7_gmZuZAsjC4lVhv515QZNyCHU1DagiGTzUZa_waa_Se5n95bbvnBxgahqw_ky-sk9B3TcxLKqPu3H0QHRKUx70CNzz048jyjzotoURWiHbG2rmRwMrA7panB3wK87E11aJ-5P5KhIe0HTu-rLAeehhBFrZ7aPFHrnoNFgN1kOhmkUfxvX37P4Hlh_19K0LOKoIswngmQUIacWfh2rTRBX9aKcvTzbaXdpQLF8AeQ4AYRhPYVKIMgZQ2lAhD6KH5xQlXxtGcYRJ1alijvmIkbH5aIHIheEqS94OlUtMnZ8JlNZpJJFcPneWJP7UtTh28Z_5sV_gcxDW_w0nhfABhcdjrf3uL8Qi2w4kkclipUHSTNRBaYwmvZkMk-6JipwH7J-xHZFthyL--2_VAC9qP7ABoJMnXAXGunONKG1IzWMqREqgESD9MxH24M4nZ9nbIX5N5WEUdGEz0XZf0VxyGJmpv0HFVzGgiF6eYnOFxxdhdWPSo82BwKFWSlmfgGs1XGS3sP35u8i8QnXUPlYqEXpGq7_UeapWY43a2dDCcOokhjq5wOhScbAN_a6SPyHq1aqqWV_l-7Msr6sJNAS_eal9ILlAwV8_bayF23HG42ncCdY7mfz25VDZhtK1vSTd5qX-Cx8fOCv0jK-DYmInyw-5i9lr9OP-Qv283PPKZsF87nTSl5CXZNJxqvVa0MX_TxmmQzV0hs0NfggAzbzcgp7na5LMBs-sabG8BBopHP-Lr1uHKywhjt8bqu7lRp1qVIOc1D-3AvzX3i-QqlJ4zxfxxJoTvbIC41NRwSAptVcpU

Requested by

Host: c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
URL: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 583413_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 39ms
39ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583413_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ZWRVZeCwxI36nsPce2tIJtroGfRMZ3Gj
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:56 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "e378eec0a4acd90c9037a7fced095562"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-274207/274208
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:32 GMT
accept-ranges: bytes
Content-Length: 274208
x-amz-cf-id: QIEvtxpjaPW2XlVHWCsLMyjXj9Dd5Uufp8YBNU_Zq8JKhhnQt-05vQ==

GET
H2 200 583413.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 672ms
672ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583413.json?callback=jsonCallback583413&_=1624981407689
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46f3afe57bbb93db6383ab0e0eb010f1a6bcc51fff314f9439017611f416e0fd

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:56 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "7ee1e8ab7e25d281e68ced60edb778bc"
x-cache: Miss from cloudfront
x-amz-version-id: qhXl8mSw6oHU_GdUPEr9iM9E.tGKop0T
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2155
x-amz-cf-id: ocSug_-ujtDq0JU1rlRAQWo5uIp7UDs4CiM6jFFA1dRB-VQf1eproA==

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 67ms
66ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1632022525&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:32 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
651 B 131ms
43ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:33 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET

sync
ups.analytics.yahoo.com/ups/56465/ Frame E58E
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1221243956&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi....
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc26a78ef-d8f0-11eb-aa11-025d80eddc4f?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-HLQicwdE2p4Xq2FqXAYZdloCX2I9BWMF00uW~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-HLQicwdE2p4Xq2FqXAYZdloCX2I9BWMF00uW~A&_origin=0&nsync=1&apid=VAc26a78ef-d8f0-11eb-aa11-025d80eddc4f

0
0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 485ms
137ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:33 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H3-29 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame A341 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:34:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
age: 543
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:49:30 GMT

GET
H3-29 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame A341 47 KB
47 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:39:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
age: 217
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:54:56 GMT

GET
H3-29 200 60005582_20210611055833302_Stoerer_AirpodsPro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A341 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210611055833302_Stoerer_AirpodsPro.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f665b131599311044cbe32c0da10dc710ce1ac5b38e7af2184a8e413e7f0871c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 03:13:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:58:33 GMT
server: sffe
age: 44985
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5505
x-xss-protection: 0
expires: Wed, 30 Jun 2021 03:13:48 GMT

GET
H3-29 200 60005582_20210329010036382_APP_iPhone-12_AirpodsPro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A341 31 KB
31 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210329010036382_APP_iPhone-12_AirpodsPro.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c64d90bdea5651d615d6b66d72fb88f532172b64fe0c9c8d7355b202972fd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582040/20210607031640062/728x090.html?e=69&leftOffset=0&topOffset=0&c=f2q0MD2fca&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:08:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 08:00:36 GMT
server: sffe
age: 9274
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31306
x-xss-protection: 0
expires: Wed, 30 Jun 2021 13:08:59 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame A341 43 B
607 B 98ms
33ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291118948_98932373_-0&ref=25124645_4307561_291118948_98932373_-0
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:33 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 206 583413_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 35ms
34ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583413_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ZWRVZeCwxI36nsPce2tIJtroGfRMZ3Gj
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:56 GMT
server: AmazonS3
age: 15
etag: "e378eec0a4acd90c9037a7fced095562"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-274207/274208
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:32 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 274208
x-amz-cf-id: sbR77k5cwRCSdTdggR8Z6BdsppDI9bvTdfN7sYe9PWD9HYbv8EP3BQ==

GET
H2 200 583412.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 669ms
668ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583412.json?callback=jsonCallback583412&_=1624981407690
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 516a60ff44c6d96b8ba07b5a984e0af6451bcac118bdc5e367c7b3ce44db9f36

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:58 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "65454fff7e685e813938ccd3cca2c221"
x-cache: Miss from cloudfront
x-amz-version-id: YjE7ugI5Pjy13R7MIaDhYUKS_uIF2CpP
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2143
x-amz-cf-id: aMIGRFMCabsLImVf7H1vaje9mU3hnlRzT3arSfF9V1_SigqhMgXtjQ==

GET
H2 206 583413_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 96 KB
0 36ms
36ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583413_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

x-amz-version-id: ZWRVZeCwxI36nsPce2tIJtroGfRMZ3Gj
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:56 GMT
server: AmazonS3
age: 15
etag: "e378eec0a4acd90c9037a7fced095562"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 65536-274207/274208
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:32 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 208672
x-amz-cf-id: QIdAnpACD8eHIgn6HW2DX1xUSNnuk4jLFtFD5s224Itd4ixdGaHgNg==

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ Frame E58E 249 B
548 B 627ms
516ms XHR
text/xml 18.194.215.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1221243956&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.215.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame E61E 0
166 B 125ms
120ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_2acede25.js Show response
vpaid.springserve.com/production/ Frame EAB8 484 KB
100 KB 51ms
14ms Script
application/javascript 2600:9000:2104:5800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2acede25.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 295d52f1ab3737b326fb8864f83333b669b00e36a261b3c5023322a5aeb9a5b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:34:06 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 15:26:59 GMT
server: AmazonS3
age: 569
etag: W/"e2003612dac1215355283b11a38415f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 0YC4vvl5IU30XQmGziGL6CyncTAitKbrTFJgmWAI-7-xBZswGpC_MQ==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 t Show response
t.lkqd.net/ Frame E61E 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame EAB8 0
219 B 286ms
212ms XHR
application/json 18.194.215.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2acede25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.215.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EAB8 166 B
1 KB 119ms
43ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2acede25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c8046d445fc28d48384b7d10313ea4a335af85e0cf7f2726ec4aac6864b753e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:34 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7cba083b-89ea-4c85-80f8-3225f803252d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EAB8 166 B
1 KB 145ms
70ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2acede25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2cb4fda7d12374fb0cc3c7ecd21c3e90a71cb1e9a57404e441bdc308d23acb5d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:34 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d62fa56c-8466-4921-b603-90038f215342
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 206 583412_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 42ms
42ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583412_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vZRatDCcee6o.n7R53yc1Ynx8oHMP2ls
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "281384fadc665e0b4253ff1dbcc04664"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-228703/228704
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:34 GMT
accept-ranges: bytes
Content-Length: 228704
x-amz-cf-id: ORnUn7UGg6nRfkBkYUgbaxHs-hL7x8btmTVOW4_fBjLHXIoFrmn8Qg==

GET
H2 200 583409.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 678ms
677ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583409.json?callback=jsonCallback583409&_=1624981407691
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ff22709754b2c5fb63b8350afb80dfd88f82e92157c16a2bbcf05a0e4117717

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "976e74bfc6cb2cc48451836ff4dc2cab"
x-cache: Miss from cloudfront
x-amz-version-id: UpRxBJnZvTzXiUqhoQ7.Qduv2VTotBQl
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2043
x-amz-cf-id: bDtHwGsqLDTekJPmz7q5YWxvN3Wls_ZwMQ--CiqL0UNlwqSzDeaTZg==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame EAB8 962 B
849 B 116ms
35ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2acede25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 66c773ff4f3f0424a4a3d43bfc5d4dfc6d8c01835bb3b8767f0bc4555e4ba2d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 588
expires: Tue, 29 Jun 2021 15:43:34 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A9A9 151 KB
36 KB 40ms
40ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fef93d2044c2f6cdc3b62df65502f2249db4cd43e25a6021bc1222fc765cd11a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:02:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25d43-5c5801f435a55"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36123

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A774 38 KB
14 KB 35ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=34380
expires: Wed, 30 Jun 2021 01:16:34 GMT
date: Tue, 29 Jun 2021 15:43:34 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A9A9 38 KB
14 KB 39ms
36ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:07:52 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-974e-5c4c7cb53d8cb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=34380
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13946
expires: Wed, 30 Jun 2021 01:16:34 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A774 5 KB
6 KB 112ms
37ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39331592&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 28fdcfa76e7d68c58cd434cf7b0b4beff8b3afdfce86bf33955e66fbdb9a9697

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame AF12
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7

35 B
477 B

43ms
42ms

Document
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=1663802560239150747; expires=Sat, 28 Aug 2021 15:43:34 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Thu, 29 Jul 2021 15:43:34 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B1F7
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641

42 B
211 B

105ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-5950442857857654641; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PugT=1624981414; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:34 GMT; path=/
x-lat: lhrpug011:0:420
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5950442857857654641
set-cookie: guid=1.5950442857857654641; Max-Age=31104000; Path=/; Domain=.de17a.com;
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E665 43 B
360 B 110ms
37ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 29 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1239
x-powered-by: ASP.NET
date: Tue, 29 Jun 2021 15:43:34 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1724
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557

42 B
235 B

45ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6979242029760444557&KRTB&23278-6979242029760444557; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PugT=1624981414; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:34 GMT; path=/
x-lat: lhrpug019:0:599
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 29 Jun 2021 15:43:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6979242029760444557; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242029760444557

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame AE6B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBc3kwN0J0bjhBQURlbmtWN0JtZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

55ms
54ms

Document
image/gif

52.208.167.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.167.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAAsy07Btn8AADenkV7Bmg; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Jun 2021 15:43:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 29 Jun 2021 15:43:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B512
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
107 B

44ms
41ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug020:2:551
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=734f9148-3350-4823-a2de-3a2e45dbd12c; path=/; domain=csync.loopme.me; Expires=Thu, 29-Jul-2021 15:43:34 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Tue, 29 Jun 2021 15:43:34 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6210
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003&rndcb=5950410096
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=09b250ed-1718-4876-92a0-020303b8c946&google_hm=MDliMjUwZWQtMTcxOC00ODc2LTkyYTAtMDIwMzAzYjhj...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHXf2P9wM0wlgFF6jvmC2ao&google_cver=1&ssp=adconductor&bsw_param=09b250ed-1718-4876-92a0-020303b8c946
https://sync.1rx.io/usersync/bidswitch/09b250ed-1718-4876-92a0-020303b8c946?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003

42 B
270 B

42ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67; KRTBCOOKIE_80=22987-CAESEPMrNUxGI_WVzuMQP10zz1U&KRTB&16514-CAESEPMrNUxGI_WVzuMQP10zz1U&KRTB&23025-CAESEPMrNUxGI_WVzuMQP10zz1U; PUBMDCID=3; KRTBCOOKIE_153=19420-8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe&KRTB&22979-8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-5950442857857654641; KRTBCOOKIE_377=6810-3d137147-bd65-4734-b063-310c2e2c08d0&KRTB&22918-3d137147-bd65-4734-b063-310c2e2c08d0&KRTB&23031-3d137147-bd65-4734-b063-310c2e2c08d0; KRTBCOOKIE_22=14911-8603148740314628376; KRTBCOOKIE_1101=23040-6979242029760444557&KRTB&23278-6979242029760444557; KRTBCOOKIE_27=16735-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&16736-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&23019-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&23114-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_57=22776-8483164467175405448; PugT=1624981415; KRTBCOOKIE_391=22924-7289088237059482144&KRTB&23263-7289088237059482144
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003&KRTB&17107-RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:35 GMT; path=/ PugT=1624981415; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:35 GMT; path=/
x-lat: lhrpug019:0:335
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003%22%7D; path=/; expires=Wed, 29 Jun 2022 15:43:35 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003
etag: RX5152b47fa94f4cc6bed7e26cdfff03a0003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame C682 42 B
1009 B 45ms
25ms Document
image/gif 2606:4700:3039::6815:c036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c036 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0afa09bbd20000dfa90bb6b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66704572e859dfa9-FRA

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4197
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP

42 B
217 B

44ms
44ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:34 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PugT=1624981414; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:34 GMT; path=/
x-lat: lhrpug002:0:448
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 29 Jun 2021 15:43:34 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=lcabr8MWCUqXubbbyRRlXDvP; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 8852 43 B
408 B 155ms
48ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 29 Jun 2021 15:43:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 55D6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
450 B

169ms
167ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aanoeUx2eNNSE0UdcquJpP4HyM1pyxntnMIZdyLya
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aNnsIHyg6AarA7u8QGkowZb6bZa7H523cxhVGrdNLTdQYHM72ULtoH78JZbZbtTxFx8LZcKJl9g2rjv8BeLGqMW8pYmPq; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:35 GMT; SameSite=None; Secure; ANON_ID_old=aNnsIHyg6AarA7u8QGkowZb6bZa7H523cxhVGrdNLTdQYHM72ULtoH78JZbZbtTxFx8LZcKJl9g2rjv8BeLGqMW8pYmPq; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:35 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0afa09bc98000005c4aa1f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6670457429e305c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 434
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aanoeUx2eNNSE0UdcquJpP4HyM1pyxntnMIZdyLya; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:34 GMT; SameSite=None; Secure; ANON_ID_old=aanoeUx2eNNSE0UdcquJpP4HyM1pyxntnMIZdyLya; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:34 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0afa09bbdd000005c4a50eb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66704572ff3205c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6097
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219

1 B
73 B

42ms
42ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7; chkChromeAb67Sec=1; DPSync3=1625011200%3A174%7C1626134400%3A197_219_201; SyncRTB3=1625788800%3A63%7C1626220800%3A35%7C1626134400%3A230_8_166_55_88_165_176_220_161_234_222_21_56_7_22_54_71_3_13_81_99_204_189%7C1627516800%3A203%7C1625529600%3A223_2_15_67; KRTBCOOKIE_80=22987-CAESEPMrNUxGI_WVzuMQP10zz1U&KRTB&16514-CAESEPMrNUxGI_WVzuMQP10zz1U&KRTB&23025-CAESEPMrNUxGI_WVzuMQP10zz1U; PUBMDCID=3; KRTBCOOKIE_153=19420-8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe&KRTB&22979-8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-5950442857857654641; KRTBCOOKIE_377=6810-3d137147-bd65-4734-b063-310c2e2c08d0&KRTB&22918-3d137147-bd65-4734-b063-310c2e2c08d0&KRTB&23031-3d137147-bd65-4734-b063-310c2e2c08d0; KRTBCOOKIE_22=14911-8603148740314628376; KRTBCOOKIE_1101=23040-6979242029760444557&KRTB&23278-6979242029760444557; KRTBCOOKIE_27=16735-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&16736-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&23019-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&KRTB&23114-uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_57=22776-8483164467175405448; PugT=1624981415; KRTBCOOKIE_391=22924-7289088237059482144&KRTB&23263-7289088237059482144; KRTBCOOKIE_218=22978-YNs-pgACTc3E6AA4&KRTB&23194-YNs-pgACTc3E6AA4&KRTB&23209-YNs-pgACTc3E6AA4&KRTB&23244-YNs-pgACTc3E6AA4; KRTBCOOKIE_594=17105-RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003&KRTB&17107-RX-5152b47f-a94f-4cc6-bed7-e26cdfff03a0-003; KRTBCOOKIE_1074=22956-e_a7ccaee5-6862-4fcd-a43f-2d248829e4df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:35 GMT; path=/
x-lat: lhrpug012:0:498
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-k5srp
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=mAn1GhQEPasJ&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=e270559ce53ce0f0; path=/; HttpOnly; Secure; SameSite=None

GET

rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame AFD9
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5136f149-dac3-4d4f-8652-900e931bf380-tuct7d4c526&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A774
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2OoKoLBoSjKs-D9UjX97xw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

33ms
33ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=18192
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Tue, 29 Jun 2021 20:46:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

SPug
image4.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=636d60db-3fa6-4e00-84fd-f049ed33f15a

0
0

GET

/
pixel.onaudience.com/ Frame A774
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=3d137147-bd65-4734-b063-310c2e2c08d0&icm

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhFQTBBQTAtQjA2OC00QTMyLUFDRjgtM0Y1NDhEN0Y3QkM3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

91ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:356
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPMrNUxGI_WVzuMQP10zz1U&google_cver=1

42 B
596 B

99ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPMrNUxGI_WVzuMQP10zz1U&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:333
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPMrNUxGI_WVzuMQP10zz1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A774 43 B
409 B 45ms
35ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 28 Jun 2021 15:43:34 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7289088237059482144

42 B
235 B

43ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7289088237059482144
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:1208
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7289088237059482144
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&gdpr=0&gdpr_consent=

42 B
340 B

46ms
45ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:407
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 29 Jun 2021 15:45:23 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:152560db-3fa6-4a00-b7fe-7c88e0a4c955&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Jun 2021 15:45:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d137147-bd65-4734-b063-310c2e2c08d0

42 B
293 B

95ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d137147-bd65-4734-b063-310c2e2c08d0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:380
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d137147-bd65-4734-b063-310c2e2c08d0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8483164467175405448&gdpr=0&gdpr_consent=

42 B
367 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8483164467175405448&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:430
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:34 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 29ce8314-b39d-4c4f-92c0-564d00326e44
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8483164467175405448&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A774 43 B
661 B 44ms
36ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 502
Bad Gateway sync
ups.analytics.yahoo.com/ups/58292/ Frame A774 0
0 118ms
38ms Image
text/html 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7&redir=true&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-pgACTc3E6AA4&gdpr=0&gdpr_consent=&_test=YNs-pgACTc3E6AA4

1 B
234 B

42ms
42ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-pgACTc3E6AA4&gdpr=0&gdpr_consent=&_test=YNs-pgACTc3E6AA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:481
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624981415.065007,VS0,VE0
x-served-by: cache-hhn4020-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-pgACTc3E6AA4&gdpr=0&gdpr_consent=&_test=YNs-pgACTc3E6AA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe

42 B
274 B

131ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:359
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FVgDvUDZVjrVzEKpwcpWPMENlvrAzRUpwMWzBhe
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=09b250ed-1718-4876-92a0-020303b8c946&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

42ms
41ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=09b250ed-1718-4876-92a0-020303b8c946&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:442
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=09b250ed-1718-4876-92a0-020303b8c946&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8603148740314628376&gdpr=0&gdpr_consent=&us_privacy=

1 B
169 B

141ms
42ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8603148740314628376&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:775
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8603148740314628376&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A774 0
104 B 98ms
64ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D8EA0AA0-B068-4A32-ACF8-3F548D7F7BC7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame A774 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

95ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:465
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:34 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET apn
ads.playground.xyz/usersync/ Frame A774 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A774
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a7ccaee5-6862-4fcd-a43f-2d248829e4df

42 B
226 B

43ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a7ccaee5-6862-4fcd-a43f-2d248829e4df
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:1206
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a7ccaee5-6862-4fcd-a43f-2d248829e4df
date: Tue, 29 Jun 2021 15:43:35 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 206 583409_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 41ms
40ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583409_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: O2GeFbO8om.KtzbrnUDVnTEnCbgUk4sp
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:53:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "1f0f8fb3ac2fefcca4fcce6e1a40a7b0"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-239455/239456
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:34 GMT
accept-ranges: bytes
Content-Length: 239456
x-amz-cf-id: kChQMkCGupBayOq4Mv5kpC4jDnLFRjMs2nRf2cXrV93MsYu94iKwpA==

GET
H2 200 583401.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 678ms
678ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583401.json?callback=jsonCallback583401&_=1624981407692
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43113ed6116556193af8ce9ebb0b4d106cad6a3f50f0a23916a50d2f9e40b1b5

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:36 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:01 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "2553474adfccc0a40caa0201a8e087e9"
x-cache: Miss from cloudfront
x-amz-version-id: WrOUfm7kcxvLHPbUjZtIqVINZbChvLbn
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 1926
x-amz-cf-id: 980CSsvQH5IqAtc9V4ae7nO_6i2nN9Ft6YfPex2QQCcuNvcur76Oiw==

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame A9A9 27 B
0 215ms
117ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,&us_privacy=&cb=1624981414663&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-6-29%2017:43:35&ranreq=0.12168464530915801&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame EAB8 0
119 B 382ms
125ms XHR
text/plain 3.16.237.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=885e95ce&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2acede25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.16.237.150 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:35 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame EAB8 0
61 B 34ms
32ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1624981414&wa=0&e=96&ier=901
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:35 GMT
content-length: 0
content-type: text/html

GET
H2 206 583401_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 40ms
40ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583401_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: BYd_b4.dl4Lz7fGtEBvpldDyfE0Y2bNn
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:01 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "ac7a709543dd38afe9ec7b7b28bf3896"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-211231/211232
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:35 GMT
accept-ranges: bytes
Content-Length: 211232
x-amz-cf-id: qQgiy2R4cl9rDoEm0QbhCJG-lhJekSlDD_Hf06WpbTG2nECBC4QWUg==

GET
H2 200 583399.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 671ms
670ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583399.json?callback=jsonCallback583399&_=1624981407693
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5928a8d7c7ea5812c09ab122cb83a19b2bf39e5e7e23d8a83c273b5ae4369a33

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:37 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:03 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "28149a4922a584441a1f38842918a6f3"
x-cache: Miss from cloudfront
x-amz-version-id: wT2QDZJ1dXlLs2mJC5MbHtLSdm7t153Q
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2272
x-amz-cf-id: y-sSoZ08BCXSza-RaH4vVSd5SB36aK8SnHwjirgVzTtVumvHANjYtA==

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame E61E 0
166 B 118ms
118ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H3-29 204 collect
analytics.google.com/g/ 0
17 B 28ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oe6n0&_p=98582532&sr=1600x1200&ul=en-us&cid=989508219.1624981409&_s=2&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia&dt=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA%20%7C%20The%20Star&sid=1624981410&sct=1&seg=0&en=page_view_content&_et=2&ep.meta_page_type=Article&ep.meta_content_type=Article&ep.meta_content_id=583188&ep.meta_content_title=MAHB%20to%20open%20private%20Covid-19%20screening%20facilities%20in%20KLIA&ep.meta_content_category=News%2FNation&ep.meta_content_author=NA&ep.meta_content_sp=NA&ep.meta_content_tier=Metered&ep.meta_content_tags=MAHB%2CKLIA%2CKLIA2%2CCOVID-19%20screening%20facility%2Cterminals&ep.meta_content_language=English&ep.meta_content_date=2021-06-29&ep.meta_content_agency=NA&ep.meta_content_byline=NA&ep.meta_content_length=Short&ep.meta_content_category_alt=&ep.meta_content_exclusive=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 120ms
120ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=34411293&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e7525259e4dab42a04d70e12c604a902f19419dceb630a10ca46374e617a6299

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:36 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1366

GET
H2 206 583399_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 40ms
39ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583399_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: HCKyVTOojlOhaFDsP3y7Qg6uAkTxNO67
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:03 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "6b171c28cef624b26611470aeeb83168"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-323167/323168
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:36 GMT
accept-ranges: bytes
Content-Length: 323168
x-amz-cf-id: 8qo-wOR9JEcqWehWbQDddtJNf40xYNt-6zRv-VKoTGlgxJAUVPpQJA==

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 7C87 230 KB
61 KB 41ms
40ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:36 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981416.cds057.am5.hn,1624981416.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 583397.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 690ms
690ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583397.json?callback=jsonCallback583397&_=1624981407694
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42348b50b42b2b88dc8bc07a265735bc85b64ca0f06dff2432f9cccda3529714

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:37 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "0cd682520fa1be93016413b30e377c7f"
x-cache: Miss from cloudfront
x-amz-version-id: TcbGmIsoLpgxxLPY.lP6Ypjw307uRTXx
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 1940
x-amz-cf-id: iDIO0xkbZMxTOCvNSFq14Iy7T3Pr3mmWVRc2oXdjKwsVa9kdUSxH6A==

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame E6E1 4 KB
2 KB 40ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:36 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981416.cds057.am5.hn,1624981416.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 7C87 26 KB
3 KB 159ms
159ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=34411293&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ae2c3c52dbf75819fc5d7488b23bf67387f982a61c54df0bc12255641b13f35f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:36 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3240

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 351ms
351ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=34411293&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:36 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame E6E1 0
0

GET

cs
cs.lkqd.net/ Frame E6E1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

0
0

GET

cs
cs.lkqd.net/ Frame E6E1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 319A 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:36 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 v2qzd3iS1O0lz89tp958B0a-C6i-PP9Sy6FA57gAeFt_WDqeB8PZGKrVjKlbdxSeMv6M3K74 Show response
handyfireman.com/ 216 B
615 B 128ms
47ms Fetch
application/json 35.190.74.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://handyfireman.com/v2qzd3iS1O0lz89tp958B0a-C6i-PP9Sy6FA57gAeFt_WDqeB8PZGKrVjKlbdxSeMv6M3K74

Requested by

Host: j93557g.com
URL: https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

745df2476ae521dfdefdfbafae238d97aa24ca5df89f6e4acbfec465c4be9d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 29 Jun 2021 15:43:37 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: f8becdc5
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 29 Jun 2021 15:43:36 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 67ms
67ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=712581378&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:37 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 59ms
59ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:37 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 475ms
131ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:37 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

POST
H2 200 v2lfqVRbXRC1f4D6wpNHNMYmjPjVVro58y_epxBcfwKaKHCx8_jnxx2r6TW_t1QBVNYH4bwA Show response
handyfireman.com/ 3 B
36 B 60ms
60ms Fetch
application/json 35.190.74.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://handyfireman.com/v2lfqVRbXRC1f4D6wpNHNMYmjPjVVro58y_epxBcfwKaKHCx8_jnxx2r6TW_t1QBVNYH4bwA

Requested by

Host: j93557g.com
URL: https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 29 Jun 2021 15:43:37 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
x-hostname: f8becdc5
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 206 583397_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 42ms
42ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583397_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: T5IqZb_H2xX1miFeDxxN.ySz6EXI7217
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "e3c3f5bc815ffc30caa19a2202948025"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-219007/219008
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:37 GMT
accept-ranges: bytes
Content-Length: 219008
x-amz-cf-id: kPN8asPKzxNcId2XqhuJzXhG0IaIMbFoEETZun_dnu2dJGm9IM78MQ==

GET
H2 200 583392.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 666ms
665ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583392.json?callback=jsonCallback583392&_=1624981407695
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beb84755189e52d76c59cf002fb5601c60492a580d75da2158568c79469ac642

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:06 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "7c9347c51d0ad253c3ab0205461c7900"
x-cache: Miss from cloudfront
x-amz-version-id: A4hn7LJOr4NaQzRNzNcsSCtBpubw2cYS
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2483
x-amz-cf-id: fa1cnVvTuu71uGkB25BT9dRnKj253HCpACiPCgS45omQnS_9K6-35g==

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 319A 0
166 B 119ms
119ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:37 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 319A 0
166 B 118ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:37 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 206 583392_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 56ms
55ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583392_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: YO7V.qtfAdVwEzyVkGtkI7LZhz505P5c
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:06 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "9a19ade5d66f513f2fc803e12610cca5"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-322687/322688
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:37 GMT
accept-ranges: bytes
Content-Length: 322688
x-amz-cf-id: mcONbj2NRNrtpcGjWNsSUI97cEJJPd9Ari9zUCgihkZakk6P1wvWSw==

GET
H2 200 583390.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 210ms
209ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583390.json?callback=jsonCallback583390&_=1624981407696
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1113bdd5bb17d34a4fc00e64a665ae59dfbfa99504f2511553971af9e5dd1aa6

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:09 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "4faed9305dabc92a8903a7c0c8a08736"
x-cache: Miss from cloudfront
x-amz-version-id: mHo7EmXjLLi0R47YblryyFteF5I7tQgB
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2541
x-amz-cf-id: ihgOdYemO3WQDLTiu0VaB-1aqxh0yP8Wm6xkp2E43EGywgGp7efcbQ==

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 122ms
121ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=28193139&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f1498b3409b1bf1885567b632f01d25242fcd6c7b9aead35c331d352dd4cd76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1367

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8B9C 230 KB
61 KB 40ms
40ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981418.cds057.am5.hn,1624981418.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 206 583390_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 41ms
40ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583390_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: h1J5m0l3ITi8enlb6VPCot9gS3.tVwzI
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:08 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "1146c917b608876625c3bf20a18c85a5"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-387679/387680
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:43:38 GMT
accept-ranges: bytes
Content-Length: 387680
x-amz-cf-id: luJdVAKSMNoTFMhCfZK6kv8lqX7LxwZsyhlURykQExMgCW9Ub4wPZg==

GET
H2 200 583387.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 669ms
669ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583387.json?callback=jsonCallback583387&_=1624981407697
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b12b83558e6df4c0879d1aa4296c708c345e80614f6bf951c348e8a6ad79ac6c

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "47ff6cf8432153468128dec513dfd695"
x-cache: Miss from cloudfront
x-amz-version-id: WrjLygJiX11IOSM_LaB.sTrPOMNFngZM
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2207
x-amz-cf-id: 2QbPsg4Us09CC4RnjM-Id_1fTq8ItKkc1E1wlzug-XGhG26JZJ7tUA==

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7502 4 KB
2 KB 42ms
42ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981418.cds057.am5.hn,1624981418.cds257.am5.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 117ms
116ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=28193139&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:38 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8B9C 26 KB
3 KB 167ms
167ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=28193139&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: bd5ee559ca64cb7dd98905a27b58a79c1f7d5ace4efb5e6b80fe1cd22cc99f5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3239

GET cs
cs.lkqd.net/ Frame 7502 0
0

GET

cs
cs.lkqd.net/ Frame 7502
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

0
0

GET

cs
cs.lkqd.net/ Frame 7502
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 721E 0
166 B 118ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 91ms
91ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1569381096&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 43ms
43ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:38 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 139ms
138ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:38 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 122ms
122ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 721E 0
166 B 119ms
118ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 721E 0
166 B 118ms
118ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 206 583387_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 34ms
33ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583387_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 1K7MrgBFAE0.4m62E4becLYonVZImYUl
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:10 GMT
server: AmazonS3
age: 104
etag: "b78725fa70108f3f5c3f69ef85333389"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-257791/257792
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:41:58 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 257792
x-amz-cf-id: z4r6euyXJWYVqns__TjnK9BOENEI8JQuok-ZEIb38Fwr16TwC-JalA==

GET
H2 200 583384.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 673ms
672ms Script
application/json 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/583384.json?callback=jsonCallback583384&_=1624981407698
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad359cec5315b0cad9fbd906d97035756db90165eb51779bd3f21fd407cd7489

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "6862a957b05821952aecc53b47f41c33"
x-cache: Miss from cloudfront
x-amz-version-id: CQHwpOfdJKvhcWNeqiZyXfwUSQcQ89TU
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 1993
x-amz-cf-id: vvXMstDcWhhADsT6SX99Er6hfLYUtr0I94S3LD8x0qpGb_F71INTXA==

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 133ms
132ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=27277852&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: cc0806a64fd16aada3580c87fce8aa9af42b64b333050aa535849a916f965a9b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1368

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame E23E 230 KB
61 KB 43ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981419.cds057.am5.hn,1624981419.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame ABCE 4 KB
2 KB 44ms
44ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981419.cds057.am5.hn,1624981419.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame E23E 26 KB
3 KB 137ms
136ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=27277852&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a23357ddf37c763871c40f696b5a1349390e53fe183e6e9877b4f26475522b4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3239

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 253ms
252ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=27277852&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:39 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame ABCE 0
0

GET

cs
cs.lkqd.net/ Frame ABCE
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

0
0

GET

cs
cs.lkqd.net/ Frame ABCE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A00 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 124ms
124ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 206 583384_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 38ms
38ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/583384_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bPNr.ls68N_ZWXT5Vxkwq5v7HiLP40d4
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:12 GMT
server: AmazonS3
age: 102
etag: "58a04a6ad78a3366c5e86abc72bcdfd6"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-251359/251360
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:41:59 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 251360
x-amz-cf-id: pawqdfAZhSJCZOU0Pi1aytFmYd5YUt8uZA0wrAqBBVkWxlLC36nwaA==

GET
H2 206 intro.mp3
cdn.thestar.com.my/Content/Audio/ 19 KB
19 KB 42ms
42ms Media
audio/mpeg 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/intro.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65323046e59d031f5015e4cb0930cc50959d9947d3cd6034b39c3e504f1cdb4a

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 7tDsjr2WMrOHAGuBdSB5ZMWBOxJhKXGb
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 14:54:23 GMT
server: AmazonS3
age: 101
etag: "e973a9367a0650c99a8eff204d51b55c"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-19327/19328
cache-control: max-age=180
date: Tue, 29 Jun 2021 15:41:59 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 19328
x-amz-cf-id: 1yT_NoNMqN2Dc7Z9YVLLt1W6JN_3DQ0f1whia7pv_S-YVvom0juQ1g==

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 66ms
66ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1799981471&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 43ms
43ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:39 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 145ms
144ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:39 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 123ms
122ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A00 0
166 B 121ms
121ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A00 0
166 B 119ms
119ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 127ms
127ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=94071654&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: facb43fca302a97e142329f0531eb90c6bf90f84fad8327be364030dc1bdc67f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1369

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame E272 230 KB
61 KB 42ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981420.cds057.am5.hn,1624981420.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B312 4 KB
2 KB 41ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981420.cds057.am5.hn,1624981420.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame E272 34 KB
4 KB 154ms
154ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=94071654&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: fcd9c41507f7ea55383f06c40844db5ca4c911b1bda518943151dc60b8f137e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4230

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 118ms
118ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=94071654&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:40 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame B312 0
0

GET

cs
cs.lkqd.net/ Frame B312
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

0
0

GET

cs
cs.lkqd.net/ Frame B312
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 0B9F 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 68ms
67ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=91689966&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:40 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 43ms
43ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 138ms
138ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:40 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 124ms
123ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 0B9F 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E272 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_43841c86.js Show response
vpaid.springserve.com/production/ Frame 2C67 484 KB
86 KB 14ms
13ms Script
application/javascript 2600:9000:2104:5800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_43841c86.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af5ff26edabfeec74973850ae1562da7587f845a2ccef46b60a4a7452fc61d6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 14:38:41 GMT
content-encoding: br
last-modified: Mon, 21 Jun 2021 18:45:33 GMT
server: AmazonS3
age: 608700
etag: W/"7c1dc106ce43d5952d4ed3073dd34725"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: EzFkfOPWkZgV9x18kiSvZDVKYuHWE1mfHSkWPq6Vuc8DFyylJk-drg==

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 2C67 0
219 B 332ms
256ms XHR
application/json 18.194.215.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_43841c86.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.215.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 t Show response
t.lkqd.net/ Frame 0B9F 0
166 B 120ms
120ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2C67 962 B
849 B 34ms
33ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_43841c86.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e94577b6e3455d4f3ff16493a73bd9b4b975c35fb1ce4d39baf9dc5565a9266

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 588
expires: Tue, 29 Jun 2021 15:43:41 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6E02 151 KB
36 KB 46ms
46ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fef93d2044c2f6cdc3b62df65502f2249db4cd43e25a6021bc1222fc765cd11a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:02:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25d43-5c5801f435a55"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36123

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 25D3 38 KB
14 KB 38ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=34373
expires: Wed, 30 Jun 2021 01:16:34 GMT
date: Tue, 29 Jun 2021 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6E02 38 KB
14 KB 35ms
34ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:07:52 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-974e-5c4c7cb53d8cb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=34373
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13946
expires: Wed, 30 Jun 2021 01:16:34 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 25D3 5 KB
6 KB 37ms
36ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54631346&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0b8f714957092e50504368d2e29b38e536b25f72afc461e49f88d65491eadfad

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:40 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 7B5E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA

35 B
468 B

44ms
44ms

Document
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=3280285876375667304; expires=Sat, 28 Aug 2021 15:43:41 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Thu, 29 Jul 2021 15:43:41 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM1zHcneRcbSC98fSoPXhp4&google_cver=1

42 B
281 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM1zHcneRcbSC98fSoPXhp4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:569
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM1zHcneRcbSC98fSoPXhp4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 25D3 43 B
612 B 37ms
35ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 28 Jun 2021 15:43:41 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EE87
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892

42 B
211 B

42ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_153=19420-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK&KRTB&22979-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK; PugT=1624981421; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&16736-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23019-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23114-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_1074=22956-e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-3782852116885137892; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PugT=1624981421; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/
x-lat: lhrpug015:0:384
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3782852116885137892
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6901880369249929382

42 B
234 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6901880369249929382
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:289
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6901880369249929382
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&gdpr=0&gdpr_consent=

42 B
340 B

42ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:396
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 29 Jun 2021 15:45:30 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Jun 2021 15:45:29 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7cb7db1b-0e9e-414b-8f09-12182851dec8

42 B
292 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7cb7db1b-0e9e-414b-8f09-12182851dec8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:504
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7cb7db1b-0e9e-414b-8f09-12182851dec8
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 54A6 43 B
360 B 37ms
36ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 29 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1166
x-powered-by: ASP.NET
date: Tue, 29 Jun 2021 15:43:40 GMT
content-length: 43

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5664362599100432377&gdpr=0&gdpr_consent=

42 B
210 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5664362599100432377&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:803
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:41 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 742ebcd2-64ad-4d0d-9e67-82a6c9b66044
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5664362599100432377&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK

42 B
574 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:574
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 08AE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335

42 B
234 B

42ms
41ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_153=19420-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK&KRTB&22979-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK; PugT=1624981421; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&16736-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23019-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23114-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_1074=22956-e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9; KRTBCOOKIE_80=22987-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&16514-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&23025-CAESEM1zHcneRcbSC98fSoPXhp4; KRTBCOOKIE_391=22924-6901880369249929382&KRTB&23263-6901880369249929382
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6979242059822856335&KRTB&23278-6979242059822856335; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PugT=1624981421; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/
x-lat: lhrpug010:0:383
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 29 Jun 2021 15:43:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6979242059822856335; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979242059822856335

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 972B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYktVN0J0bjhBQURkWXl5ajRSUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

60ms
59ms

Document
image/gif

52.208.167.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.167.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAAbKU7Btn8AADdYyyj4RQ; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Jun 2021 15:43:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 29 Jun 2021 15:43:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:585
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:40 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame ED96
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
89 B

42ms
41ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug018:2:354
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=d7bb9c45-0066-4fea-bb6e-77ef0a40ef5f; path=/; domain=csync.loopme.me; Expires=Thu, 29-Jul-2021 15:43:41 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Tue, 29 Jun 2021 15:43:41 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7FBE
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2595742299
https://sync.1rx.io/usersync/tradedesk/7cb7db1b-0e9e-414b-8f09-12182851dec8
https://sync.targeting.unrulymedia.com/csync/RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003

42 B
268 B

42ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_153=19420-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK&KRTB&22979-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK; PugT=1624981421; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&16736-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23019-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23114-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_1074=22956-e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9; KRTBCOOKIE_80=22987-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&16514-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&23025-CAESEM1zHcneRcbSC98fSoPXhp4; KRTBCOOKIE_391=22924-6901880369249929382&KRTB&23263-6901880369249929382; KRTBCOOKIE_336=5844-3782852116885137892; KRTBCOOKIE_377=6810-7cb7db1b-0e9e-414b-8f09-12182851dec8&KRTB&22918-7cb7db1b-0e9e-414b-8f09-12182851dec8&KRTB&23031-7cb7db1b-0e9e-414b-8f09-12182851dec8; KRTBCOOKIE_1101=23040-6979242059822856335&KRTB&23278-6979242059822856335; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_22=14911-3126483521385627928; KADUSERCOOKIE=1B04AB75-2FB5-4861-AC7E-FFB3B965CC4A; SPugT=1624981421; KRTBCOOKIE_57=22776-5664362599100432377; KRTBCOOKIE_218=22978-YNs-rQACN7Rq2QAC&KRTB&23194-YNs-rQACN7Rq2QAC&KRTB&23209-YNs-rQACN7Rq2QAC&KRTB&23244-YNs-rQACN7Rq2QAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003&KRTB&17107-RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/ PugT=1624981421; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/
x-lat: lhrpug012:0:493
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003%22%7D; path=/; expires=Wed, 29 Jun 2022 15:43:41 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5538a92-4ae8-423f-a20f-e0ed25d1c6e5-003
etag: RXb5538a924ae8423fa20fe0ed25d1c6e5003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 7047 42 B
165 B 19ms
18ms Document
image/gif 2606:4700:3039::6815:c036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c036 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0afa09d60c0000dfa90e3fa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6670459cef44dfa9-FRA

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A5A0
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP

42 B
217 B

42ms
41ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PugT=1624981421; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:43:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/
x-lat: lhrpug013:0:451
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 29 Jun 2021 15:43:41 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=lcabr8MWCUqXubbbyRRlXDvP; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lcabr8MWCUqXubbbyRRlXDvP
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 004B 43 B
408 B 124ms
43ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 29 Jun 2021 15:43:41 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame AFBC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
415 B

170ms
170ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aanoeUx2eNNSE0UdcqZaJpP4HyM1pywjtnqZbF2fCs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aCnseFO5nP97PRo7UVbywICTBQIKa2ZbCfXtTjTRTm6oimq4Lt6XUmmqLyJET0NhvmV5PvjTXIlWBMX6JLhwP; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:41 GMT; SameSite=None; Secure; ANON_ID_old=aCnseFO5nP97PRo7UVbywICTBQIKa2ZbCfXtTjTRTm6oimq4Lt6XUmmqLyJET0NhvmV5PvjTXIlWBMX6JLhwP; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:41 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0afa09d6c0000005c48caf7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6670459dfd0805c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 4012
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aanoeUx2eNNSE0UdcqZaJpP4HyM1pywjtnqZbF2fCs; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:41 GMT; SameSite=None; Secure; ANON_ID_old=aanoeUx2eNNSE0UdcqZaJpP4HyM1pywjtnqZbF2fCs; path=/; domain=.tribalfusion.com; expires=Mon, 27-Sep-2021 15:43:41 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0afa09d610000005c498080000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6670459cea0e05c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9

42 B
226 B

42ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:367
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9
date: Tue, 29 Jun 2021 15:43:41 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 94F5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219

1 B
88 B

42ms
41ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_153=19420-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK&KRTB&22979-GETlZh0S4GADTOI9SkGsMEpEsWYDFrU2Fk2im5HK; PugT=1624981421; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&16736-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23019-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c&KRTB&23114-uid:95ac60db-3fad-4800-a30d-1d135b26cf7c; KRTBCOOKIE_409=22966-lcabr8MWCUqXubbbyRRlXDvP; KRTBCOOKIE_1074=22956-e_d4e869e3-830a-4d5c-a8c8-c63de59a1fa9; KRTBCOOKIE_80=22987-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&16514-CAESEM1zHcneRcbSC98fSoPXhp4&KRTB&23025-CAESEM1zHcneRcbSC98fSoPXhp4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:41 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:43:41 GMT; path=/
x-lat: lhrpug007:0:383
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-qtq8r
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=qVZ1lJgklhUI&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=1922098e4c1fc9b1; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 09F8
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

97ms
38ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 29 Jun 2021 15:43:41 GMT
via: 1.1 varnish
x-served-by: cache-hhn11555-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1624981422.748584,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 29-Jun-2022 15:43:41 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=108f89ce-a987-4002-a3ef-d3d1ac5a3b50-tuct7d4c52d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 29 Jun 2021 15:43:35 GMT
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1624981416.557549,VS0,VE58
x-vcl-time-ms: 58
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 25D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5bqLxU8hQm-bS4W6XmU4-g%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5bqLxU8hQm-bS4W6XmU4-g%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

33ms
32ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=18185
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Tue, 29 Jun 2021 20:46:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd9d60db-3fad-4000-ac6a-5589d94e266f

0
369 B

126ms
43ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd9d60db-3fad-4000-ac6a-5589d94e266f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 29 Jun 2021 15:45:30 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd9d60db-3fad-4000-ac6a-5589d94e266f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Jun 2021 15:45:29 GMT

GET

tp=CLOD
sync.crwdcntrl.net/map/c=8587/ Frame 25D3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTVCQThCQzUtNEYyMS00MjZGLTlCNEItODVCQTVFNjUzOEZB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

43ms
43ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:1440
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 25D3 43 B
574 B 33ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 502
Bad Gateway sync
ups.analytics.yahoo.com/ups/58292/ Frame 25D3 0
0 119ms
39ms Image
text/html 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA&redir=true&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-rQACN7Rq2QAC&gdpr=0&gdpr_consent=&_test=YNs-rQACN7Rq2QAC

1 B
236 B

42ms
42ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-rQACN7Rq2QAC&gdpr=0&gdpr_consent=&_test=YNs-rQACN7Rq2QAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:506
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624981422.825507,VS0,VE0
x-served-by: cache-hhn4020-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNs-rQACN7Rq2QAC&gdpr=0&gdpr_consent=&_test=YNs-rQACN7Rq2QAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=df1fde50-2511-4821-b600-5f5bfd0254e6&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd7b5009-8fca-41ba-be6b-122840610dd8&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

42ms
42ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd7b5009-8fca-41ba-be6b-122840610dd8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:623
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd7b5009-8fca-41ba-be6b-122840610dd8&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 29 Jun 2021 15:43:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3126483521385627928&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

42ms
42ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3126483521385627928&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:666
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3126483521385627928&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 25D3 0
103 B 12ms
12ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E5BA8BC5-4F21-426F-9B4B-85BA5E6538FA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1a0901ea-6210-4fde-bd85-4ffc7b2d9247&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

42ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1a0901ea-6210-4fde-bd85-4ffc7b2d9247&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:530
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1a0901ea-6210-4fde-bd85-4ffc7b2d9247&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 29 Jun 2021 15:43:41 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 25D3
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5664362599100432377

42 B
111 B

42ms
41ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5664362599100432377
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:454
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:41 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ba176b02-e546-4818-aac8-25720aac2ebe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5664362599100432377
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6E02 27 B
0 106ms
106ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,&us_privacy=&cb=1624981421473&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-6-29%2017:43:41&ranreq=0.24891368440065365&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:42 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 dc_oe=ChMI64_-vZe98QIVxPd3Ch0O-wo8EAAYACCVrZYvQhMIhMCqvZe98QIVQhGLCh3u8wv4;met=1;&timestamp=1624981422044;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2128 42 B
515 B 141ms
68ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI64_-vZe98QIVxPd3Ch0O-wo8EAAYACCVrZYvQhMIhMCqvZe98QIVQhGLCh3u8wv4;met=1;&timestamp=1624981422044;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlsCAvpe98QIVkNJ3Ch2e7gxEEAAYACCqnbYvQhMInOSxvZe98QIVKYaDBx2ePQFy;met=1;&timestamp=1624981422044;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DE3F 42 B
107 B 142ms
68ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlsCAvpe98QIVkNJ3Ch2e7gxEEAAYACCqnbYvQhMInOSxvZe98QIVKYaDBx2ePQFy;met=1;&timestamp=1624981422044;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 2C67 0
118 B 125ms
125ms XHR
text/plain 3.16.237.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=0fd5669a&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_43841c86.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.16.237.150 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2C67 0
61 B 32ms
31ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1624981421&wa=0&e=96&ier=901
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:42 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 0B9F 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 119ms
118ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=68137802&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d66988d14eee2df322fec90cd8b25838e5dd531179ef3ceb0d5d018fba52c0b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:42 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1372

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 65B0 230 KB
61 KB 40ms
39ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:42 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981422.cds057.am5.hn,1624981422.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 1A25 4 KB
2 KB 44ms
43ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:42 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981422.cds057.am5.hn,1624981422.cds257.am5.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 150ms
150ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=68137802&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:43 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 65B0 33 KB
4 KB 951ms
951ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=68137802&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 184ac62bedbfa18cbaf179ffe7f74ef3a1a297e932ebb312ed6121e8e1c1cfc5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3531

GET cs
cs.lkqd.net/ Frame 1A25 0
0

GET

cs
cs.lkqd.net/ Frame 1A25
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126483521385627928

0
0

GET

cs
cs.lkqd.net/ Frame 1A25
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=x0rmWqXiSzhbz_kuNKvkoVm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 7EEE 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 69ms
69ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=737687723&w=400&h=225&skip=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:44 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
743 B 44ms
44ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:44 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET

sync
ups.analytics.yahoo.com/ups/56465/ Frame E58E
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-srsSnAFE2p7LssORUmsQFwPfWJw357JUs.d2~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-srsSnAFE2p7LssORUmsQFwPfWJw357JUs.d2~A&_origin=0&nsync=1&apid=VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a

0
0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ Frame E58E 27 B
334 B 132ms
131ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=http%3A%2F%2Fwww.thestar.com.my%2F&maxduration=119&skip=0&site.domain=thestar.com.my&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:43 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

POST
H2 200 t Show response
t.lkqd.net/ Frame 7EEE 0
166 B 119ms
119ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 7EEE 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/ Frame E58E
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.h...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=433144025&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.heigh...
https://pr-bh.ybp.yahoo.com/sync/adtech/VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&apid=UPcb0b542a-d8f0-11eb-93b1-02c8291bccce

227 B
1 KB

712ms
637ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&apid=UPcb0b542a-d8f0-11eb-93b1-02c8291bccce

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:43:48 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 1
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Tue, 29 Jun 2021 15:43:47 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-S6qnXRRE2p7eBUsSNMLAyvNFh3wqjM2unVkB~A&_origin=0&nsync=1&apid=UPcb0b542a-d8f0-11eb-93b1-02c8291bccce
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 7EEE 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 177ms
177ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=71036377&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 679777a3dbf10f9478f44adfb23cacba945c6d7ee3d89a88f9e1e04eb404f55c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:48 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1365

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 99CF 230 KB
61 KB 54ms
54ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:49 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981429.cds057.am5.hn,1624981429.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame A1C2 4 KB
2 KB 49ms
49ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:49 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981429.cds057.am5.hn,1624981429.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 99CF 18 KB
3 KB 536ms
536ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=71036377&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7852417a592ad38ff3c87b7256d87745e4ea703cff3b5768a9878e26f064e948

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:49 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2816

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 118ms
118ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=71036377&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:49 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame A1C2 0
0

GET

cs
cs.lkqd.net/ Frame A1C2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2539419078943932696

0
0

GET

cs
cs.lkqd.net/ Frame A1C2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame F71A 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 76ms
76ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=355429600&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:49 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 56ms
56ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 123ms
123ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame F71A 0
166 B 118ms
118ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame F71A 0
166 B 121ms
121ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 184ms
184ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=62804506&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 704e74f96ff904f7cc6f6098554d0adb250bd324c4fed3fb148a9cf100fbac21

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:50 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1368

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 9515 230 KB
61 KB 44ms
44ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:50 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981430.cds057.am5.hn,1624981430.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2800 4 KB
2 KB 40ms
39ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:50 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981430.cds057.am5.hn,1624981430.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 9515 18 KB
3 KB 657ms
657ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=62804506&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d4764812e5f6c2ec503a6a383f0d7bb29cf04131b42cf87d147ff651829c52ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2811

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 124ms
124ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=62804506&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:50 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame 2800 0
0

GET

cs
cs.lkqd.net/ Frame 2800
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8518230158766604568

0
0

GET

cs
cs.lkqd.net/ Frame 2800
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 51E3 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 68ms
68ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=435709&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 48ms
48ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:51 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 51E3 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:51 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 51E3 0
166 B 120ms
120ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:51 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 212ms
211ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=66241472&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f23aae60b09bf0c3b97dc33017df136b0b1da3f88125cce3e72b763088ac041d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:52 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1366

GET
H2 200 dc_oe=ChMI64_-vZe98QIVxPd3Ch0O-wo8EAAYACCVrZYvQhMIhMCqvZe98QIVQhGLCh3u8wv4;met=1;&timestamp=1624981432044;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 2128 42 B
107 B 69ms
68ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI64_-vZe98QIVxPd3Ch0O-wo8EAAYACCVrZYvQhMIhMCqvZe98QIVQhGLCh3u8wv4;met=1;&timestamp=1624981432044;eid1=2;ecn1=0;etm1=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlsCAvpe98QIVkNJ3Ch2e7gxEEAAYACCqnbYvQhMInOSxvZe98QIVKYaDBx2ePQFy;met=1;&timestamp=1624981432044;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame DE3F 42 B
107 B 68ms
68ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlsCAvpe98QIVkNJ3Ch2e7gxEEAAYACCqnbYvQhMInOSxvZe98QIVKYaDBx2ePQFy;met=1;&timestamp=1624981432044;eid1=2;ecn1=0;etm1=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:43:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame BB83 230 KB
61 KB 41ms
40ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:52 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981432.cds057.am5.hn,1624981432.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame BBDF 4 KB
2 KB 48ms
47ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:52 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981432.cds057.am5.hn,1624981432.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame BB83 26 KB
4 KB 161ms
161ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=66241472&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c522d6e03a153e1c8af9627a204085508a2ce02361ae2c418bc00c4d1f025ef3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:52 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3390

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 177ms
177ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=66241472&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:52 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame BBDF 0
0

GET

cs
cs.lkqd.net/ Frame BBDF
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

0
0

GET

cs
cs.lkqd.net/ Frame BBDF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame AC8C 0
166 B 117ms
116ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 342ms
342ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 83ms
83ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1236993711&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame E58E 67 B
583 B 428ms
115ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C15367126683156340222122787520%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:43:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1624981432828048-419
Expires: Tue, 29 Jun 2021 15:43:52 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 279ms
278ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:52 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame AC8C 0
166 B 118ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:53 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame AC8C 0
166 B 123ms
123ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:53 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 119ms
118ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=40487356&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 72fc1ec2ce2fe792586f85ceba88888ff1bed2c75050e0c9f4cfcf6787de069f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:53 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1370

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame DD77 230 KB
61 KB 47ms
46ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:53 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981433.cds057.am5.hn,1624981433.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 63F2 4 KB
2 KB 39ms
39ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:53 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981433.cds057.am5.hn,1624981433.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame DD77 18 KB
3 KB 912ms
912ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=40487356&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d578371ee269c80ded895a92faae239532cea52daff661226da6cc956f882698

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:54 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2814

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 116ms
116ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=40487356&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:53 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame 63F2 0
0

GET

cs
cs.lkqd.net/ Frame 63F2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

0
0

GET

cs
cs.lkqd.net/ Frame 63F2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame CFC4 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:54 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 122ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 66ms
66ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=9064576&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:54 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 44ms
44ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:54 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
120ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame CFC4 0
166 B 121ms
121ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:54 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame CFC4 0
166 B 121ms
121ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:55 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 118ms
118ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=35588719&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6ee26e8c6b016d47d1922ac7b1a9bfd280e61ac6cbd3cc99da1d60d163b20e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:55 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1372

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame C9FC 230 KB
61 KB 42ms
41ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:55 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981435.cds057.am5.hn,1624981435.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7EFB 4 KB
2 KB 43ms
42ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:55 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981435.cds057.am5.hn,1624981435.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame C9FC 19 KB
3 KB 649ms
649ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=35588719&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9adf355cb64b5eec998a4fcead5946e0d603df75c76916befb4a01fd6ed87a7b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:56 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3067

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 117ms
117ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=35588719&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:55 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame 7EFB 0
0

GET

cs
cs.lkqd.net/ Frame 7EFB
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

0
0

GET

cs
cs.lkqd.net/ Frame 7EFB
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 6C84 0
166 B 118ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:55 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 72ms
69ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=2063536519&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:56 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 44ms
43ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:56 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 6C84 0
166 B 117ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:56 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 6C84 0
166 B 119ms
119ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:56 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6A9B 2 KB
2 KB 149ms
149ms XHR
application/xml 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=73269244&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b87a586b7b53018450e2b49bae22f45318d64f47d8c0f9497d943f1be57c1867

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:56 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1367

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 2F53 230 KB
61 KB 41ms
41ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:57 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1624981437.cds057.am5.hn,1624981437.cds300.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame D670 4 KB
2 KB 39ms
39ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:57 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1624981437.cds057.am5.hn,1624981437.cds257.am5.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 2F53 18 KB
3 KB 336ms
335ms XHR
application/json 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=73269244&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 11b92b9da8ba6a8d217fdc010c0b9874f110b9a68070195164b8c8b88418b725

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Jun 2021 15:43:57 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2815

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 185ms
185ms Preflight 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=73269244&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:57 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame D670 0
0

GET

cs
cs.lkqd.net/ Frame D670
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2694225918088282392

0
0

GET

cs
cs.lkqd.net/ Frame D670
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qH1QAQ5KTwp7fqwLml84eVm7qN0

0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 83FC 0
166 B 119ms
119ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:57 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ Frame E58E 0
143 B 67ms
66ms XHR
text/plain 18.194.149.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=249368117&w=400&h=225&skip=1&ip=89.187.168.221&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=AT&pid=56965&sid=11272&sname=&d=thestar.com.my&sp=http%3A%2F%2Fwww.thestar.com.my%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E58E 65 B
650 B 44ms
44ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1036882&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:43:57 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 122ms
121ms Preflight
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 29 Jun 2021 15:43:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 83FC 0
166 B 120ms
120ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:58 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 83FC 0
166 B 118ms
117ms XHR
text/plain 146.20.132.47
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Tue, 29 Jun 2021 15:43:58 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/et_v1.0.1708-0-g52a14ef.js

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Domain: rx-stats3.unrulymedia.com
URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=17a587090d73771e2bb8dc6&clientver=v1.0.1708-0-g52a14ef&siteid=1062187&iframe=true&compat=CSS1Compat&pageloadid=17a587090d719b51f02afdc&cb=1624981410007&siteenv=html&doc_type=outstream_pread_event

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_lASvVpvbxDMIUnsU0Al_ZjnTpK6EXG3ACP8qcToazlgNE1FsfzOP7K4lrZD0E0uJCXkNucOhmfRQsaj8NjlGuSpu3fJj_nN_vMUSuEYl_viWx2GI&sig=Cg0ArKJSzB4xYawvPosGEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210628&bin=7&avms=ns&bs=0,0&mc=0&app=0&itpl=19&adk=4031814106&rs=4&la=0&cr=0&vs=2&eosm=0&r=u

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf1KdYKTEhEV7F89VmJY3IbyOqZQwspyMQD0M7MfPM-vHs316i6ffyk0eNNV0HOW3C71i2ctjjtNhaVEDy8GxRA-4TDac4HsENs8F5zvdxftncxTga&sig=Cg0ArKJSzFE_MheIln2bEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210628&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1690029205&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1624981409051&rpt=480&isd=0&msd=0&esd=0&r=u

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-ASPrnNQ-eQNKakl1KC3QI1s3FyZU3iHDUiCp40RAFrDmT0qfdXIWQE67fWzgCgYG49H4WoHpKv-Ejv46IJLwoHokflz0UNxnDoo46wi6c_Vz0scs&sig=Cg0ArKJSzK6aKlKUDmT0EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210628&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=3377693787&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1624981410225&rpt=420&isd=0&esd=0&r=u

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1Um4MFqSRfBYOteMWpEttVm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8531091146276700440

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ykHQ3-BwSPdhPLAd1rKpdlm7qN0

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=cd6cddc5-4dca-4d77-9a65-8b894400e772&u=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2021%2F06%2F29%2Fmahb-to-open-private-covid-19-screening-facilities-in-klia

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNs_o1oXlffGQevo0YHMXwAABKMAAAIB&google_gid=CAESEGMLy-eteRA_fjaiY7dUtQI&google_cver=1&google_push=AYg5qPKNkpw5bRwocUOL_0jd7aom1Clu5uBxn5Jd8x-qn9ktmL6nTEcAWUqGLDwwmZ5BFyVRnCLEc4phBCnGwjlOZLRPBFJONkxn

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-HLQicwdE2p4Xq2FqXAYZdloCX2I9BWMF00uW~A&_origin=0&nsync=1&apid=VAc26a78ef-d8f0-11eb-aa11-025d80eddc4f

Domain: match.taboola.com
URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5136f149-dac3-4d4f-8652-900e931bf380-tuct7d4c526&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=636d60db-3fa6-4e00-84fd-f049ed33f15a

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=147&mapped=3d137147-bd65-4734-b063-310c2e2c08d0&icm

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: ads.playground.xyz
URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8603148740314628376

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=5_8NrOEtQdpmy_IuFJ42ilm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8314913966116405528

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fK_M84awQhBzAk5EQfptd1m7qN0

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126483521385627928

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=x0rmWqXiSzhbz_kuNKvkoVm7qN0

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-srsSnAFE2p7LssORUmsQFwPfWJw357JUs.d2~A&_origin=0&nsync=1&apid=VAc86427d7-d8f0-11eb-81e8-0620b1d2fd3a

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2539419078943932696

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8518230158766604568

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TE_JrpOmQxdiIpu9FtIkqFm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2753056387244065048

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=PqO4tT7pTt5a1dysytnuEVm7qN0

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2694225918088282392

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qH1QAQ5KTwp7fqwLml84eVm7qN0

Verdicts & Comments Add Verdict or Comment

602 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at expireFeedback (https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia:3271:57) at HTMLDocument.<anonymous> (https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia:3038:33) at j (https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js:2:29948) at k (https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js:2:30262) undefined
console-api	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.thestar.com.my/news/nation/2021/06/29/mahb-to-open-private-covid-19-screening-facilities-in-klia:4222:37) at j (https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js:2:29948) at k (https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js:2:30262) undefined
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Auotplay check: From Video Player environmentVars.videoSlotCanAutoPlay: true
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Player provided the volume level: 0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Considering only volume field for volume selection.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,&us_privacy=&cb=1624981414663
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-6-29 17:43:35&ranreq=0.12168464530915801&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:PM AdRequest Time: 0.725secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Ad Error Time: 0.727secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-info:Total Component Time since player call: 0.798secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981412454,,(Line 181) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Auotplay check: From Video Player environmentVars.videoSlotCanAutoPlay: true
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Player provided the volume level: 0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Considering only volume field for volume selection.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,&us_privacy=&cb=1624981421473
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Fnews%252Fnation%252F2021%252F06%252F29%252Fmahb-to-open-private-covid-19-screening-facilities-in-klia&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-6-29 17:43:41&ranreq=0.24891368440065365&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:PM AdRequest Time: 0.612secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Ad Error Time: 0.613secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-info:Total Component Time since player call: 0.673secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1624981420752,,(Line 181) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52a360d4000447a08efd7617080680a9.js.ubembed.com
8216cce6c79ae6f2705a541d5db94b27.safeframe.googlesyndication.com
a.tribalfusion.com
a.vidoomy.com
ad.lkqd.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
amplify.outbrain.com
analytics.google.com
api.cxense.com
api.dmcdn.net
api.pxl.dailymotion.com
api.vodus.com
apicms.thestar.com.my
assets.ubembed.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c681186d8ec5e0d06c2ebeb3e7021fb3.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.cxense.com
cdn.jsdelivr.net
cdn.thestar.com.my
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
connect.facebook.net
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
handyfireman.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
j93557g.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.adlooxtracking.com
pagead2.googlesyndication.com
pebed.dm-event.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
portal.o2online.de
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.openx.net
rx-stats3.unrulymedia.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-1.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
scdn.cxense.com
script.crazyegg.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sites.thestar.com.my
ssbsync.smartadserver.com
static.adsafeprotected.com
stats.g.doubleclick.net
survey.survicate.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
tr.outbrain.com
trc.taboola.com
tw.netcore.co.in
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
v1.addthisedge.com
vast.emxdgt.com
vid-io-cle.springserve.com
vid.pubmatic.com
video.unrulymedia.com
vpaid.pubmatic.com
vpaid.springserve.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thestar.com.my
x.bidswitch.net
z.moatads.com
ads.playground.xyz
ajax.googleapis.com
c.amazon-adsystem.com
cm.g.doubleclick.net
cs.lkqd.net
image4.pubmatic.com
match.adsby.bidtheatre.com
match.taboola.com
pagead2.googlesyndication.com
pixel.onaudience.com
rx-stats3.unrulymedia.com
sync.crwdcntrl.net
t.lkqd.net
ups.analytics.yahoo.com
video.unrulymedia.com
104.111.242.245
104.75.88.126
13.226.155.128
13.228.188.75
13.248.242.197
142.250.185.130
142.250.186.66
146.20.128.67
146.20.132.47
147.75.85.120
151.101.114.132
151.101.114.49
151.101.13.131
151.101.13.44
151.139.128.11
162.55.6.213
169.50.137.190
172.217.18.98
172.217.23.98
178.250.2.151
178.62.202.251
178.63.12.147
178.79.227.76
18.156.0.31
18.185.202.111
18.194.149.206
18.194.215.242
18.235.138.170
185.29.135.227
185.33.221.15
185.64.189.115
185.64.190.75
185.64.190.80
185.64.190.81
185.86.139.94
185.94.180.126
188.65.124.59
188.65.124.90
198.148.27.139
199.232.137.44
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.18.234.233
2.18.235.40
20.188.98.74
2001:678:cb4:bbbb::11
213.155.156.180
213.19.147.45
23.111.200.118
2600:9000:2104:5800:15:6f6c:b180:93a1
2600:9000:2104:b200:8:48e:53c0:93a1
2600:9000:2182:9200:1c:47d:4bc0:93a1
2606:4700:3039::6815:c036
2606:4700::6810:135e
2606:4700::6812:d05
2606:4700::6813:9308
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c0a::9a
2a00:1450:400c:c0a::9b
2a02:26f0:6c00:2a7::268b
2a02:26f0:6c00:2bf::268b
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::485
2a0b:4d07:1::1
3.126.158.103
3.129.250.65
3.16.237.150
34.107.231.31
34.98.107.212
35.156.106.231
35.157.83.29
35.186.249.84
35.186.253.211
35.190.0.66
35.190.74.49
35.244.159.8
37.157.4.24
37.157.6.251
51.75.146.162
52.17.151.21
52.19.7.243
52.208.167.91
52.212.126.234
52.219.124.198
63.251.232.170
64.202.112.63
65.9.77.10
65.9.77.106
65.9.77.122
65.9.77.24
65.9.77.61
65.9.79.183
65.9.86.127
66.155.71.150
69.173.144.138
82.113.101.132
85.114.159.93
87.98.252.5
01e2ba1737f7ab5892e5d0828b2aa967cdff643a8b12a4b71affc57205cab721
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ebbbe73b7742a977cf4c6a2ee5e0b390dd0d9f70cce685654c7782990192dc
079a92d5a60df0fe313273a1424b51c840017fc7070816f96ae3c9b3c86f4308
081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf
0829ac43b09c9a9cfe273be88bf9afaf03db7837cff62366b371938f3dbd93b6
08e8f41e24ee71abeb52b9a5873fba5423d638c027c18c9f5dd8b6f4c9f072c2
091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097
0967fae34ab9c044f6b304086b46661ad5d9a1f96069a0a300e41a964e6bc82a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8f714957092e50504368d2e29b38e536b25f72afc461e49f88d65491eadfad
0bf8a0d749a528cc29ce62e8a01a571d2925dcc9b0bf688ea1bad39a10d66cec
0da2d59994983f81ec97cf679eca3bb96789a8181530e9d30b661b5f08c40ef8
0daed5732706bcae388ef92d1ddc0a1ee8aab342342041950a6af921e47884b6
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0ff22709754b2c5fb63b8350afb80dfd88f82e92157c16a2bbcf05a0e4117717
105ba69e2aff3f8717305031c87902d1fe2019a1244e9631e94fbc13720cbe38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1113bdd5bb17d34a4fc00e64a665ae59dfbfa99504f2511553971af9e5dd1aa6
11b92b9da8ba6a8d217fdc010c0b9874f110b9a68070195164b8c8b88418b725
122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1346cf303240fb8e6afa8dfcbbbae7e7248406a6134445fee37f3bcb99397daa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16e585fd42cae6c7e124669fca51d219f260e159af62bfadc79d08fe4c2dd607
17de993ae7f6c484e295ab7550153b7afdbba8aa93b2b4e92289ac91a69ffd8b
183711921cebeaa51cde5a5f9db9e150a024e83a939496c2177e5c1fafd06f1c
184ac62bedbfa18cbaf179ffe7f74ef3a1a297e932ebb312ed6121e8e1c1cfc5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a2536c621cbe9de9deaf49303fceb978d91afba13f8c62f80fb91e34154e3a0
1a64c6a2497c7c6e1eeb1d1e58ddd9d460d99ef5c45bace3f3fe672402d6ee65
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c325eb95de1a888c80ed777d5561f342f39e7e0ed59dfae0ce41578c06d03a1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e10939014d4d1f919648b1b71b39558cdc08a5291cc79d21fd40aad4ea605d0
1e94577b6e3455d4f3ff16493a73bd9b4b975c35fb1ce4d39baf9dc5565a9266
204d1a55bba7ed24e8b44ae28c3c13a8869be46f083078b5cee4b78077bba6c2
21f1f7c23282d4a168489ce581cc7ab880a9ef5422be7894f9798d3661a6b337
25bd9a64f65e892ff8ac4fcc456dff5954f8a6969a3846ba4ba5903969ca4b17
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e
28fdcfa76e7d68c58cd434cf7b0b4beff8b3afdfce86bf33955e66fbdb9a9697
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
295d52f1ab3737b326fb8864f83333b669b00e36a261b3c5023322a5aeb9a5b7
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2a1ac7ba856a43cf71b7cc3657ec9766bf8779d370f2f36b140aa0d3eff755af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b3188194dd55d8784117eb05af34e23ba99afdc63d9cd4d50ed6a590f6f979c
2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5
2c64d90bdea5651d615d6b66d72fb88f532172b64fe0c9c8d7355b202972fd7f
2c6d547393eef26e0d42f8dfede54cfc7b634de58b2259291927aad6b48ecfd6
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb4fda7d12374fb0cc3c7ecd21c3e90a71cb1e9a57404e441bdc308d23acb5d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb3b837a4e3ecb73de5a872cdc5cf0516b47aa991519e92acebe6c178b23316
312ccabde69942b8c1f22893e7a20c9fa6e7af20a95903a8034f19e7b4dddea6
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
31ca908152e6077fa84e863b4371ff6e3f0e43635cb7dc47e97191e22dd4acd8
31f2b19ef241fcb18eca3640ecbf0e3a93a4784d47bd7467c6fed094ea36dece
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d3c244db33b7a660c9fa43c2ccbd743df7cb5edda38f6063c418d7f952053f
33375c3a72d8e8186860e21f1e3c836def7c5197946d626ee3305873ddfca81a
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
344cd10a06733c3ecc05667714a33af546823785f2231c58de69e56d3e69e9f8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
361a7951bfb7edd4aba4a1973917c6ecec44b55d409f85b0a0702098d2598a0d
362a427be5650fe06b6226baa3a95bacf5288caaccf9bb64922babb96b363c85
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
3a942dfa8078cf39d86d2dc22d73314f67ad588b7a49bf18710139cdf4925c7d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eae04d2bcf8165655a2d164bfaf44ed72b38bef84aefa1f477c273ee3cefced
402825f6b0ae069c50019632d038f630e62a2b4811d9166ed9fb53e02203e562
419b533bb371a333bf125e39bb9d80690d434a10be5e6b632b2008e4199d48c1
42348b50b42b2b88dc8bc07a265735bc85b64ca0f06dff2432f9cccda3529714
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ba00577dd09005be874a620fec2c0c9bef0a72ccf4ae82337f8fbb1de0a7ac
43113ed6116556193af8ce9ebb0b4d106cad6a3f50f0a23916a50d2f9e40b1b5
4388095eff1d8e9b30fb94743eaba65dadf3e1f881355fddafe141ebcac3d88c
44c52d8e7834105db25e49f0b9c3c91539cb8d6ad106ed7c0e2c87a99f34ffe5
451fd516e30a2c9f8540ea8147bf0562674750839aa967147189fa7d3cae22c0
452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
461e4a74a2871bebd0eb956bb999037f3baf49be57d8d94b7aed0adb8957cd9d
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4664a5ffff3a1009cbde9d23265c1894252b566a27aea4df37f72cb111cf2154
46f3afe57bbb93db6383ab0e0eb010f1a6bcc51fff314f9439017611f416e0fd
471af9806275492b4d310d0433d4bb8cc26288a126f8f71991b51b6550427a43
47269f8f454fbfd295cbae0bc19f51ba58c6a1511f4f7265f273b2fd912484f3
47f013620668132188b1aaff8da4e3833a6d0e7b8bd24b49eb468d080c0e137a
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492fa30e41a85afbba06bde26c241268e4740b5499ebe18dbe812871a0316d28
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c
4c84de696adbac740dae40dd2a6ea15b6a68534ca5b209b4c3a08a7ef58282a2
4d26cb76fec20d2ecb2249e6e4280b6c441ae2181b44067281cbb9885b34353c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f52c0ffa7f39390b8780a89ccab2938578f25d665229405c09e4ed4df692398
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516a60ff44c6d96b8ba07b5a984e0af6451bcac118bdc5e367c7b3ce44db9f36
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aee6335e0b80f8e1b61651df88941cb2de5d1ee95dc9adb6599a431c9a9c1e
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
56abf8ec6b384ea032bbb7ca43322edf850ec0e51115dae4f1665c9f3d843544
578222397df0cfe2eff3110bf872cdb1142057c5a3738bec7842625ca504df86
57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43
581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f
5840335fe3b5ca8af849b3589108742c6bbaaec3b04665e68332bb964ee3a0cc
5928a8d7c7ea5812c09ab122cb83a19b2bf39e5e7e23d8a83c273b5ae4369a33
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e6ee26e8c6b016d47d1922ac7b1a9bfd280e61ac6cbd3cc99da1d60d163b20e
5e7192a34a0d789aeeeb933e5a6350790b2fce3ebdab54d876b4e47e6afe075e
5faece53401bc7eb08a79943ce2bef292d00a00777dad0e5b618525254342a16
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61d0e86849b6dabf198e30c022f56b838137807ac8429f6caf0a9bd844cfa126
6281b296098ee3e368708f1951a86b79a2ed2a39a2b2712d1495af717554c554
646e5528abeea0c8cfb3006e2eae681f9c2776529655b69c634aebce99c2a5bf
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5
65323046e59d031f5015e4cb0930cc50959d9947d3cd6034b39c3e504f1cdb4a
65632c7d3bed27c39037da47c8a0360a05a96726bae5bacc1e677d13fda9e6ec
65a59e015cf58f111026f7b63465879a9808b48fc20620eed82f859fd59b616d
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66c773ff4f3f0424a4a3d43bfc5d4dfc6d8c01835bb3b8767f0bc4555e4ba2d9
679777a3dbf10f9478f44adfb23cacba945c6d7ee3d89a88f9e1e04eb404f55c
682dba44c5ce490546c57b50fd2946e1128db030c6500e12fe02f188d39f4ada
6885d7d4425e00df32125bd104f6f1a6229063efee110537165f93f1a867ec7f
69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d41bf7409cbf84460fd3c023302f87ffb49af565e9d9918fa868a155d5660a6
6d449aa1256961242e1aa75f57dcfead3d380195d153013adc464f2a5dd507a4
6d62caafa10ce1224e042adf29454f089e60bf224213f191c1cd701a9ca79756
6dd5151562c6ba082554127a6f50012bcd3131c3e2ab2aa5726067e130a080f6
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa
6df2b3acd9ea4840aae415eff31d7504ffd5cd1735b8cbc0cd7ffc3b3429bbda
6f2d79e83c8e873bf5c9ca48819c3bf85ac03659ab34764ca0857c60e0b23e27
704e74f96ff904f7cc6f6098554d0adb250bd324c4fed3fb148a9cf100fbac21
72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0
72fc1ec2ce2fe792586f85ceba88888ff1bed2c75050e0c9f4cfcf6787de069f
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73eaef684ed4118dad4828f6c72ab096d28e9f4629540ef0f0695e0bed57c854
740e76e642e714e163854ee71b809f2d48c201af9dd60b48793c467bae1d3f30
745df2476ae521dfdefdfbafae238d97aa24ca5df89f6e4acbfec465c4be9d76
76a87f288ba02efbf19b36db79d6e0bbaf191bbe49ff6035e887ddf70dfea471
76ad0e3d81d44aad912b8dd9a1aa81a76e1c5c501ca3a6aba6d7bc520f42240c
7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f
7852417a592ad38ff3c87b7256d87745e4ea703cff3b5768a9878e26f064e948
79c97d4c0c9a85281c12061d93149696a76eeffdcc1de3475c5c1bfdffb7beb9
7c727e92dc22defd55f6a1d7b931f568fd18f3e533e8e749c62aaf3a68dd3a38
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d
7df08ea48bfba8931db949e335892074fbb5c5f947c4b9d7a2cf84174ca78019
7e78e48d0030ee8f1bb143e6bed1e23831aa407edc7f1f5def849ebce11a3b7c
7f813f6293ff17e90ad99a6dad5c33259bfab9a146e6c709c89d88596f779505
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
809b0197303aa2ec9b7d6da9e542c375bff5888eacc0b93d7c8c2c0a516cbe8a
8118a6384c2f4c49f6eca5f56c90db7564952b6c62246508a593ee7dc31a6679
8194037ab81043c772ded558d7373b06f745c5195b122b94690c753b9b7ff93a
8221ceca59482880db172a9978526d9dd2a894a8c918232d4ddfe8989892495b
824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2
82586111e867147436b04f8b1a24adf41872fae9f98c1859b93be418ff2afe4d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839891fc3b87451fb81530b4e017cc54e7c87ec5cfc60808ab178e040856419e
83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20
84b73a2c423d73b7d75c0302c8448ce4a79f6a36380c35d09b24e53367acd36d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de
874e0a7177c56575e987e0a037238d55b9a811ad6718664eeba3bdf5cecfacc3
886aeab47a05dea1ac3fcba8e61be0e3a8ce2048a454914b95b1cf1b78566e4c
8a2acb826875848ad766b684077ac2e25b9edeb41a33b22412b6453eb4fbb816
8cc16df9139267030b4faab035b18687532f0534b2bd244357cdc92ade62c7d8
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ddd478b0691a413cb1e2494aaed3e2b7c206930c228faa1b1834927fde2fef6
8f09368ca475a92ad921eb984ebce7ad6189907ba48b0425d66388ab8f35a686
8f968e74a7825219f3fb0e3717e8aa0854ded3e3603fe44658a7037a587935a9
8ff2d096a7c2e70277dbe0332e7b66ef8cf552fc7aceaa9c8d848f31e3c69172
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
901d67e6603005bebb99067e9eda6ccc728ac452a3f3a895c9931690e03b569c
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7
91d2b343fbb791bf22ba3dc57107ab7a31fc3c8ed6fe5a62ade38ad382a204c3
92331bbce3dec5dd11f8ed4336864dd36aa1dc2a3f454c0ac576e83bdbafb78b
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94094f4eb3d7230390289d7185632ccb45684a6afb0c6aaaa3d79a3d246beb94
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
978b1153b68636a7a174eebaf2eaa694b324794c24b125504d4fe66925d6e453
97e01e9c8f9a09704caddeccf0ed2e5bd2df7992ebd7c6b62b6b8860e97176d1
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39
993664af9855090f1006a94eca142b31a892b8d402277dc787e33ba2c3250741
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf355cb64b5eec998a4fcead5946e0d603df75c76916befb4a01fd6ed87a7b
9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778
9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36
9f1498b3409b1bf1885567b632f01d25242fcd6c7b9aead35c331d352dd4cd76
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17939078dad1aa6b6649cc8449e98dc12958cc038904804202d5060cd2dae43
a23357ddf37c763871c40f696b5a1349390e53fe183e6e9877b4f26475522b4d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26814bc35babf109f52be0e4d183569316287fe68ed6a84766d348663c06c7e
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3b569c43eb659617b6bae5b913457cc48228b56376ef35fd26355062e5c1508
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74455519d243dd6f23e2fdd00aa4f74e5631686ea52144928b1c853e746fc27
a927612f872903b465073ee5fcc41823bc80bc85b2724d223f48fb6c23435882
aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d
aa9338ba088950ac39e268090833401f2d9204e15e6bc120f6e5ba4d57f03b40
abad740dab8a9e73bc12b8f35c8cf51ab4395de64a0b0b50516522ffe5504e3e
ac6128bd87a25464c7f2e98b3bd4e4f5113bd17bdf989838ef91749c3d8c537a
ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37
ad359cec5315b0cad9fbd906d97035756db90165eb51779bd3f21fd407cd7489
ae2c3c52dbf75819fc5d7488b23bf67387f982a61c54df0bc12255641b13f35f
aec971a8bba3795a9ec4a8a74ad09bab879de251c09ca3bfa20b6cccea4d1135
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
af2e75a0a1da8c34f1aaa7cbbff380f1064765300663dda3fcff82c6fcb44be2
af5ff26edabfeec74973850ae1562da7587f845a2ccef46b60a4a7452fc61d6f
b063d453ff171405d7cfa9085bbe06db2a3583d1ce238d63d05ef3dbdb80bd94
b12b83558e6df4c0879d1aa4296c708c345e80614f6bf951c348e8a6ad79ac6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54dea8e88cb52261213c4d12ebf96486e9518cdf8525fe0cb55720a1fc2ee0f
b590356ac85e5d53ac63c56bd0f5d8d7268280224274f441a2f6e3fae78025da
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b61c2c4b07a9ff596ac8fb4ced20988a9de454225943dad54ec3016e4928003d
b6dab79488353b6c60b5735605c4eef746efaaf7c6cd44606499e444bbf0a987
b87a586b7b53018450e2b49bae22f45318d64f47d8c0f9497d943f1be57c1867
b91904de21815c30d86842aa2a3722b743699774cfd45b62046da0f403f9d0c8
b9811ad7d048696f000f806ddc8927cec84f1aef9c885739bd5b6147645c1899
b9b549848c0bfbe2cc510d96f5d9ee6ebf61bec55c6764677f99b5927eada175
baa0892fb63bfb0affd093b3b974ef7f32ff1a8cafee6cae315170577c801b32
baf7a6145f5eeb554ec0783bb7386519828999269506e1d2e2a469800330a738
bd04b954f60aa82c29b90219a9700d424c007dfc6ca94acd18d3178a3fc205ff
bd5ee559ca64cb7dd98905a27b58a79c1f7d5ace4efb5e6b80fe1cd22cc99f5c
be20d3ed7bdef0c2f7fa9c3da50988bb1ae4c5aa7495bafa13f72b4cd487f35f
beb84755189e52d76c59cf002fb5601c60492a580d75da2158568c79469ac642
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
bed68d074141b68490f52a6926c3768d9e8c860cda401ba9ae8990f4cce40ae2
bef7f973a45e29ad4a34e06a696981dc926ab5385b05041e672fdc79502b757c
bf1858289586abc6140694b5feeedc5d897b26eddf42207a6da3a37f4d309bbd
bff5055b087a06c39361fe439a0746c9597e164d445541e33276e26339e8829e
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c29c8ebb51d4f2aa896e2dd4234921a430a6a10d993b06683045013d32f78aab
c34be4417f25834d203def539d55dbbafa3c5228ea573f75f5ed732d0882a4ce
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c423395ba31f2472871390e06186792ad444535fc1c3b6ed349bd38a732d83ab
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c522d6e03a153e1c8af9627a204085508a2ce02361ae2c418bc00c4d1f025ef3
c540a9231b20ee699d027d00ff6e0ff728eb955d7a54ebc6498fb75125f92c12
c8046d445fc28d48384b7d10313ea4a335af85e0cf7f2726ec4aac6864b753e8
c84489c6c8af255c933de67b6543e64f0f84a6e402927cd18ae4673ce21ac5c2
c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c
c9249d94e3179f81697b30e5851f1b6d09824219176fd797387011cdbea7d955
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb5262466d7da1e6d44207db7632b88fd6944e55fcf9608adb324841afd7e7f7
cc0806a64fd16aada3580c87fce8aa9af42b64b333050aa535849a916f965a9b
cc24e970a499fa71fd78aab5a09370b1021809f75b223ff73cdbc5ccb7366a4d
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cef7bf216399985de78bfb9528b410f92e86ade9a8cc22641a57a17c735b3503
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf49b06d019a2575d5f3c260cd8557ccc1b4aecddbfd05a0ab3acf708ce601f8
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d4764812e5f6c2ec503a6a383f0d7bb29cf04131b42cf87d147ff651829c52ab
d578371ee269c80ded895a92faae239532cea52daff661226da6cc956f882698
d5a8345dde00a9eb9f22b649e16d08acf5bd4049693c71e8e2b491b9f1fbbf4d
d5b38208aa9fad84fdab635f8d7b644455337ecca957b55f5e959c5219bdec72
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d66988d14eee2df322fec90cd8b25838e5dd531179ef3ceb0d5d018fba52c0b5
d80f3bd222e336de545423e9fc389416507f3b7f75741b99e8365849e912794b
d8698b6b4de3848476f117813e1dad4d149dc99230a73a14f6aa05bc8e03f2ad
d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938
d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc
d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004
d998e83d193b8718681967d5165c3abf8e0f17a0c79373857b0128c740414bda
dbbbc429a4bd535adb45f9ee2f1f8b899a9dbfccb4e11408e3ccc177563c2ce3
dc213bade307db84bdce0d1e4a381caeb1b2a6208361066bf9785786ea9ea858
dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4838ca8d7337d39c5e73e2306e08ed702c1e52f872c3bbddda102eff7bf8c6
dfe58b5b5475486c45a2d8cc38cb6f0266455dcec0766e7ed33a19836259182f
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e153ffc1f0c89a2ddeb8b9a9719fbf10a620cedc22f7e8a31c7433e033d3339b
e17e0c0cc181ab4a29d6a197e46acb8ad3a43b322df55cce134077b7a41a2400
e199e8629498e134003d8a6f734f05e942fe588bbac16cd349e507bd2898d6b9
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3089047ef6313952ce00525405c864386636beee48b5968467ac300ca8f2abe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764
e45a1b7eae1b9be6e2cfebfdc56589d27b528e5a8036825ef29f9ba7b28a0406
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4a89d9588799e0cf2c929823609717c593964608447f3307144505d530342a0
e4d7cb2915ec1123980c3fd13b49b854cd1886503bd2697123bb1b2eabfa31c9
e7525259e4dab42a04d70e12c604a902f19419dceb630a10ca46374e617a6299
e7d6b27219061f4cc227a8d4c6057b336acd9810ff56b47a72340fc8f939a0fa
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d
eba3a9df23af26c6d75b298846b3f2163d63b1df3d611976bb7e122a52a3148f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b
f10fa0c0a0120a9b67837bdd4cdb5c91e4e7e46f6ac7596fae74c7d6e4171db7
f12fd38024cfa5af989f3fab1f9e76a71c7d0f1640a5ab39abbb712ac0f07c53
f15d1a62eb28785496cffe59def46a5ac0f1806620b9fa9763fe6b8e84aae5df
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591
f23aae60b09bf0c3b97dc33017df136b0b1da3f88125cce3e72b763088ac041d
f3bded8cbe1db818fa4bb443fb17c438cd2691d5068f2049275fddaa0bdd5863
f4d194bc24a9585caa944053add27041d47a22913f8891aa843488e9369cdee9
f665b131599311044cbe32c0da10dc710ce1ac5b38e7af2184a8e413e7f0871c
f70139c0137ae9d1210dbc3959d35ca70e04f5d5aa5072c8cc4215a993984507
f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
f955017a744484b1ed600f7701e26335b7401b4cd6f380a75194ff8da6b94d5b
f99fdcb7eda8ca60a3ca72b632d7be058f450e2fa24547fe374eb8a3cc243de4
facb43fca302a97e142329f0531eb90c6bf90f84fad8327be364030dc1bdc67f
fc1cd164af924c2c5383c9ce1e6f1c155d0c1021551ebdd028801f4f6786d7a0
fcd9c41507f7ea55383f06c40844db5ca4c911b1bda518943151dc60b8f137e1
fcde9d2b057fa20a1de9e117ff72b96dc112bf94956c0a3953e2ddffea4af595
fe1e312ec8d20a3ce76ddc7aec8c03504e197a8d8192041da15cd1ec910cf4ae
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fef93d2044c2f6cdc3b62df65502f2249db4cd43e25a6021bc1222fc765cd11a

www.thestar.com.my Open in urlscan Pro 65.9.77.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

757 Requests

89 %HTTPS

32 %IPv6

88 Domains

138 Subdomains

97 IPs

13 Countries

5948 kBTransfer

17328 kBSize

0 Cookies

71 Outgoing links

Redirected requests

757 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com.my Open in urlscan Pro
65.9.77.24 Public Scan

Screenshot
Live screenshot

Full Image

757
Requests

89 %
HTTPS

32 %
IPv6

88
Domains

138
Subdomains

97
IPs

13
Countries

5948 kB
Transfer

17328 kB
Size

0
Cookies

757 HTTP transactions
9 data transactions