www.bharian.com.my Open in urlscan Pro
2606:4700::6812:15f6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Submission: On September 14 via api (September 14th 2022, 2:59:19 am UTC) from US — Scanned from DE

Summary HTTP 381 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 77 IPs in 9 countries across 60 domains to perform 381 HTTP transactions. The main IP is 2606:4700::6812:15f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bharian.com.my. The Cisco Umbrella rank of the primary domain is 92416.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 10th 2022. Valid for: a year.

This is the only time www.bharian.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	2606:4700::68... 2606:4700::6812:15f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.7.49 108.138.7.49	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:288b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	23.205.242.120 23.205.242.120	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	54.194.94.16 54.194.94.16	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.79.102.132 52.79.102.132	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:440... 2606:4700:4400::ac40:9902	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:236... 2600:9000:236e:8c00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:27::... 2620:1ec:27::cafe:1686	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 11	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.235.205.35 34.235.205.35	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:440... 2606:4700:4400::ac40:9893	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	198.47.127.22 198.47.127.22	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 17	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
1	2606:4700:440... 2606:4700:4400::ac40:9375	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	15.164.184.67 15.164.184.67	16509 (AMAZON-02) (AMAZON-02)
1 2	121.53.104.194 121.53.104.194	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
4 7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	13.125.31.135 13.125.31.135	16509 (AMAZON-02) (AMAZON-02)
1	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
12	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 18	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 6	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 2	64.74.236.159 64.74.236.159	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	54.146.105.203 54.146.105.203	14618 (AMAZON-AES) (AMAZON-AES)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	107.22.33.78 107.22.33.78	14618 (AMAZON-AES) (AMAZON-AES)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	72.44.36.54 72.44.36.54	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 1	34.96.71.22 34.96.71.22	15169 (GOOGLE) (GOOGLE)
1 2	18.233.196.70 18.233.196.70	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	3.37.106.140 3.37.106.140	16509 (AMAZON-02) (AMAZON-02)
10	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
381	77

64 2606:4700::6812:15f6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bharian.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bharian.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-49.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:288b (United States)

ASN13335 (CLOUDFLARENET, US)

ad.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heartbeat.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.205.242.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-242-120.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.94.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-94-16.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.79.102.132 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-102-132.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9902 (United States)

ASN13335 (CLOUDFLARENET, US)

media.ohbulan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:8c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

bharian.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sentinel.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1686 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.205.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-205-35.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9893 (United States)

ASN13335 (CLOUDFLARENET, US)

media.siraplimau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

mediaprima-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.172.249 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9375 (United States)

ASN13335 (CLOUDFLARENET, US)

heartbeat-api.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.164.184.67 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-164-184-67.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.53.104.194 (Korea, Republic Of) 1 redirects

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.125.31.135 (Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-125-31-135.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.159 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.105.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-105-203.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.33.78 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-33-78.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.44.36.54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-36-54.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.196.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-196-70.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.37.106.140 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-106-140.ap-northeast-2.compute.amazonaws.com

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	bharian.com.my www.bharian.com.my — Cisco Umbrella Rank: 92416 assets.bharian.com.my — Cisco Umbrella Rank: 261802	2 MB
36	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	235 KB
28	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702 image6.pubmatic.com — Cisco Umbrella Rank: 891 t.pubmatic.com — Cisco Umbrella Rank: 5050	156 KB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	154 KB
26	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 755 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709 r.casalemedia.com — Cisco Umbrella Rank: 1020 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	19 KB
21	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com — Cisco Umbrella Rank: 876 secure.adnxs.com — Cisco Umbrella Rank: 725	64 KB
14	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3915 www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142	3 KB
14	dable.io static.dable.io — Cisco Umbrella Rank: 13911 api.dable.io — Cisco Umbrella Rank: 12976 r-log.dable.io — Cisco Umbrella Rank: 14888 adx.dable.io — Cisco Umbrella Rank: 11736 images.dable.io — Cisco Umbrella Rank: 15790 sp-api.dable.io — Cisco Umbrella Rank: 49846	67 KB
13	useinsider.com bharian.api.useinsider.com — Cisco Umbrella Rank: 410818 sentinel.api.useinsider.com — Cisco Umbrella Rank: 57898 segment.api.useinsider.com — Cisco Umbrella Rank: 18018 location.api.useinsider.com — Cisco Umbrella Rank: 18595 log.api.useinsider.com — Cisco Umbrella Rank: 11415 hit.api.useinsider.com — Cisco Umbrella Rank: 14905 assets.api.useinsider.com — Cisco Umbrella Rank: 28736 eitri.api.useinsider.com — Cisco Umbrella Rank: 27251	92 KB
10	google.de www.google.de — Cisco Umbrella Rank: 3469 adservice.google.de — Cisco Umbrella Rank: 5202	2 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	137 KB
9	media.net prebid.media.net — Cisco Umbrella Rank: 1802 contextual.media.net — Cisco Umbrella Rank: 819	25 KB
8	openx.net mediaprima-d.openx.net — Cisco Umbrella Rank: 194336 u.openx.net — Cisco Umbrella Rank: 975	1 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	41 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 787 c.clarity.ms — Cisco Umbrella Rank: 1178 k.clarity.ms — Cisco Umbrella Rank: 6776	26 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2328 m.addthis.com — Cisco Umbrella Rank: 2330 api-public.addthis.com — Cisco Umbrella Rank: 5164	218 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 415	4 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 942 cdn.indexww.com — Cisco Umbrella Rank: 2169	6 KB
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1864	2 KB
6	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1492	756 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 ajax.googleapis.com — Cisco Umbrella Rank: 480	38 KB
5	siraplimau.com media.siraplimau.com — Cisco Umbrella Rank: 505307	725 KB
5	ohbulan.com media.ohbulan.com — Cisco Umbrella Rank: 362553	1 MB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	305 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	1 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	418 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	32 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	263 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1628 mab.chartbeat.com — Cisco Umbrella Rank: 3129	34 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	117 KB
3	mediaprimaplus.com.my ad.mediaprimaplus.com.my — Cisco Umbrella Rank: 172191 heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 211071 heartbeat-api.mediaprimaplus.com.my — Cisco Umbrella Rank: 166543 Failed	46 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1654 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1142 id.crwdcntrl.net — Cisco Umbrella Rank: 2151	16 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 6166	563 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 845	634 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1392	503 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	2 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 636	628 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	28 KB
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6405	420 B
1	adform.net c1.adform.net — Cisco Umbrella Rank: 1015	331 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 2188	307 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1389	360 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2522	565 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 4166	232 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 951	191 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116	582 B
1	toast.com cm-exchange.toast.com — Cisco Umbrella Rank: 8510	607 B
1	admixer.co.kr idsync.admixer.co.kr — Cisco Umbrella Rank: 15747	884 B
1	kakao.com act.ds.kakao.com — Cisco Umbrella Rank: 20872	491 B
1	daum.net 1 redirects analytics.ad.daum.net — Cisco Umbrella Rank: 19330	567 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 408	554 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1356	201 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 2744	703 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 592	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	28 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1568	5 KB
0	rlcdn.com Failed api.rlcdn.com Failed
0	nstp.com.my Failed recsysbh.nstp.com.my Failed
0	myresipi.com Failed myresipi.com Failed
381	60

	Domain	Requested by
47	www.bharian.com.my	www.bharian.com.my static.cloudflareinsights.com
17	ib.adnxs.com	3 redirects ads.pubmatic.com acdn.adnxs.com
17	assets.bharian.com.my
15	dsum-sec.casalemedia.com	3 redirects r.casalemedia.com um2.eqads.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com googleads.g.doubleclick.net www.bharian.com.my www.googletagservices.com
12	hbopenbid.pubmatic.com	ads.pubmatic.com
11	www.google.com	2 redirects tpc.googlesyndication.com c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
10	t.pubmatic.com	ads.pubmatic.com
9	googleads.g.doubleclick.net	1 redirects www.googleadservices.com c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com www.bharian.com.my
8	www.google.de
7	cm.g.doubleclick.net	4 redirects r.casalemedia.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	fonts.gstatic.com	fonts.googleapis.com
6	s.amazon-adsystem.com	3 redirects r.casalemedia.com
6	prg.smartadserver.com	ads.pubmatic.com
6	c2shb.ssp.yahoo.com	ads.pubmatic.com
6	prebid.media.net	ads.pubmatic.com
5	htlb.casalemedia.com	ads.pubmatic.com
5	mediaprima-d.openx.net	ads.pubmatic.com
5	media.siraplimau.com
5	media.ohbulan.com
5	connect.facebook.net	www.bharian.com.my connect.facebook.net www.googletagmanager.com
5	ads.pubmatic.com	www.bharian.com.my ads.pubmatic.com
5	static.dable.io	www.bharian.com.my api.dable.io
5	fonts.googleapis.com	www.bharian.com.my api.dable.io c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
4	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com
4	log.api.useinsider.com
4	www.facebook.com
4	api.dable.io	static.dable.io
4	www.googleadservices.com	ad.mediaprimaplus.com.my www.googletagmanager.com www.googleadservices.com
4	www.googletagmanager.com	www.bharian.com.my www.googletagmanager.com
3	cdn.indexww.com	r.casalemedia.com
3	k.clarity.ms	www.clarity.ms
3	www.gstatic.com	c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
3	r.casalemedia.com	js-sec.indexww.com
3	ssum-sec.casalemedia.com	3 redirects
3	contextual.media.net	ads.pubmatic.com
3	js-sec.indexww.com	ads.pubmatic.com
3	u.openx.net	ads.pubmatic.com
3	acdn.adnxs.com	ads.pubmatic.com
3	c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.googletagservices.com	www.bharian.com.my c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
3	s7.addthis.com	www.bharian.com.my s7.addthis.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	um2.eqads.com	1 redirects r.casalemedia.com
2	b1sync.zemanta.com	2 redirects
2	r-log.dable.io	static.dable.io
2	c.clarity.ms	1 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	a.teads.tv	ads.pubmatic.com
2	hit.api.useinsider.com	bharian.api.useinsider.com
2	www.clarity.ms	www.bharian.com.my www.clarity.ms
2	bharian.api.useinsider.com	www.googletagmanager.com bharian.api.useinsider.com
2	sb.scorecardresearch.com	www.bharian.com.my
2	static.chartbeat.com	www.googletagmanager.com www.bharian.com.my
1	sp-api.dable.io
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	s.company-target.com	1 redirects
1	c1.adform.net	r.casalemedia.com
1	sync.adotmob.com	1 redirects
1	csync.loopme.me	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	secure.adnxs.com	r.casalemedia.com
1	nep.advangelists.com	1 redirects
1	pixel-sync.sitescout.com	r.casalemedia.com
1	sync.srv.stackadapt.com	1 redirects
1	images.dable.io	static.dable.io
1	ajax.googleapis.com	api.dable.io
1	image6.pubmatic.com	ads.pubmatic.com
1	cm-exchange.toast.com
1	idsync.admixer.co.kr
1	adx.dable.io
1	act.ds.kakao.com
1	analytics.ad.daum.net	1 redirects
1	c.bing.com	1 redirects
1	eitri.api.useinsider.com	bharian.api.useinsider.com
1	assets.api.useinsider.com	bharian.api.useinsider.com
1	heartbeat-api.mediaprimaplus.com.my	heartbeat.mediaprimaplus.com.my
1	ping.chartbeat.net
1	location.api.useinsider.com	bharian.api.useinsider.com
1	segment.api.useinsider.com	bharian.api.useinsider.com
1	sentinel.api.useinsider.com
1	mab.chartbeat.com	static.chartbeat.com
1	region1.analytics.google.com	www.googletagmanager.com
1	heartbeat.mediaprimaplus.com.my	www.googletagmanager.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ad.mediaprimaplus.com.my	www.bharian.com.my
1	tags.crwdcntrl.net	www.bharian.com.my
1	cdnjs.cloudflare.com	www.bharian.com.my
1	static.cloudflareinsights.com	www.bharian.com.my
0	api.rlcdn.com Failed	ads.pubmatic.com
0	recsysbh.nstp.com.my Failed	www.bharian.com.my
0	myresipi.com Failed	www.bharian.com.my
381	105

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
vm.tiktok.com
www.audioplus.audio
ohbulan.com
siraplimau.com
digital.nstp.com.my
www.1k.com.my
klik.com.my

Subject Issuer	Validity	Valid
bharian.com.my Cloudflare Inc ECC CA-3	`2022-08-10` - `2023-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
mediaprimaplus.com.my Cloudflare Inc ECC CA-3	`2022-07-31` - `2023-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
static.dable.io R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.dable.io Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
ohbulan.com Cloudflare Inc ECC CA-3	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2022-02-22` - `2023-02-21`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.admixer.co.kr GeoTrust RSA CA 2018	`2022-04-29` - `2023-05-01`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Frame ID: 9144FAF58EE8FCEEC60AFCA96C1A58B3
Requests: 266 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 20E820CCB5D890F68B3796D28A80D0BA
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8CFF2BDA65A741783342E335D1FC0344
Requests: 1 HTTP requests in this frame

Frame: https://bharian.api.useinsider.com/worker-new.html
Frame ID: 60C3B61BCE7F301D79BBC9ACEA6692C0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2A5C5E69F200E92357D90E4AA6437941
Requests: 1 HTTP requests in this frame

Frame: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F094EF93AFA36127488FEA8D1843B4EB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7FF2B0F3E2D88356FDF2F091104E600D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B32D9C74AC6013F765D269E24A8A5C77
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 59D5566CF38ACD8DE7861E4105FE6A9E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FBFA9B4430AC1795FE76202E7E5E67C4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 97AC6A2354265B0E17B0C76D3A7DCDBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Frame ID: DA8CB2C9891441C4CB21FE44DC831E5D
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 58AAAE8FB66C831F50C1DE16618C9B78
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2E188F55545FA34BFB224ABAB0444CC7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 24D50B6F6D3404416D41CC515DE33F6F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1A6B4AC15DD467F233D35D533DA2F257
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Frame ID: 4BEBCB540FF05B86FB323D87EE318D01
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6D1EBE4554B9190E3112580AAE7C3B25
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 009E6D2955809734A7921392D6D96507
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 589C10C211B7291131D67778F5D8E7BB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Frame ID: DECA1E4402988F4417CD44AB39DC1A8A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4AE08A934DF9D61AFDFCD46466C150CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Frame ID: 1766EF67FD8CB0C7926B8AD2A16D2AD4
Requests: 1 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: 822871D0D2D016BFA6D448D86C866B1B
Requests: 13 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8C102423004E7206258F86984B11A362
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6402479C488B4C839551D65A8862ADE9
Requests: 9 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AF1D0137AFEF89D7A26290868AA4EB06
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92D5A297CA6B5CF2CF9BF2C4D4D78C90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5862C80D3CBB12C60F33DDE595BF3894
Requests: 2 HTTP requests in this frame

Frame: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDA71507D65DCCD5D9018EB99B5A901D
Requests: 15 HTTP requests in this frame

Frame: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED14A9B6B142B6C926A8F7CCDA95E7B3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNXio2ZE-RpAS-sWS9pUhzvXlPvSqrPfhveLxzOl_eutGPfipM4XS_Nm7gHQ4qNjSotyNJm19Hc6fMf3pJ8e8KxDg0eYKQ
Frame ID: 8CAF3BD20E1AEDAF6ABA7717CD18AABE
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5872B8B75F4F60CCE8B4961C67D0B0AE
Requests: 8 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: A1A0BB903AB3AAAE2D42E7B879F56D6C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E432BC0E90D6FF7CDFA5B56E9CC0DFE8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80597517A060AC117DBB090EA79B81BB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: D326D836F76D1B7CB74806E7576D448D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sultanah Kelantan, Nur Diana Petra buat kemunculan pertamaWhatsAppFacebookTwitterLinkedInAddThis

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

381
Requests

92 %
HTTPS

43 %
IPv6

60
Domains

105
Subdomains

77
IPs

9
Countries

6067 kB
Transfer

11282 kB
Size

71
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/berita-harian/id1034150140?utm_campaign=fp&utm_medium=web&utm_source=bh

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.nstp.bh&utm_source=bh&utm_campaign=fp&utm_medium=web

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bhonline

Search URL Search Domain Scan URL

URL: https://twitter.com/bharianmy

Search URL Search Domain Scan URL

URL: https://instagram.com/beritaharian

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BHOnlineTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/beritaharian

Search URL Search Domain Scan URL

URL: https://vm.tiktok.com/ZSe967CLB/

Search URL Search Domain Scan URL

URL: https://www.audioplus.audio/
Title: Dapatkan Audio+

Search URL Search Domain Scan URL

URL: https://ohbulan.com/hattan-awie-chong-wei-zii-jia-dilantik-sebagai-duta-anti-scam
Title: Zed Zaidi 2 jam yang lepas Hattan, Awie, Chong Wei & Zii Jia Dilantik Sebagai Duta Anti-Scam

Search URL Search Domain Scan URL

URL: https://ohbulan.com/pelakon-lelaki-ditahan-polis-langgan-pelacur-berulang-kali
Title: Isu & Kontroversi 3 jam yang lepas Pelakon Lelaki Ditahan Polis Langgan Pelacur Berulang Kali

Search URL Search Domain Scan URL

URL: https://ohbulan.com/didakwa-tunai-umrah-untuk-ratu-elizabeth-ii-lelaki-yaman-ditahan
Title: tunai umrah untuk ratu elizabeth 4 jam yang lepas Didakwa Tunai Umrah Untuk Ratu Elizabeth II, Lelaki Yaman Ditahan

Search URL Search Domain Scan URL

URL: https://ohbulan.com/muncul-buat-kali-pertama-ini-10-foto-sultanah-nur-diana-petra-abdullah
Title: sultanah nur diana petra abdullah 4 jam yang lepas Muncul Buat Kali Pertama, Ini 10 Foto Sultanah Nur Diana Petra Abdullah

Search URL Search Domain Scan URL

URL: https://ohbulan.com/suami-merungut-isteri-boros-sebab-habiskan-rm100-dalam-25-hari-wajar-ke-saya-kahwin-lain
Title: Kini Trending Sep 13, 2022 @ 12:11pm Suami Merungut Isteri Boros Sebab Habiskan RM100 Dalam 25 Hari – ‘Wajar Ke Saya...

Search URL Search Domain Scan URL

URL: https://siraplimau.com/doktor-sanggup-lari-3km-elak-kesesakan-lalu-lintas-demi-selamatkan-pesakit/
Title: Inspirasi 42 minit yang lepas Doktor Sanggup Lari 3KM Elak Kesesakan Lalu Lintas Demi Selamatkan Pesakit

Search URL Search Domain Scan URL

URL: https://siraplimau.com/kalau-macam-ni-hantaran-50k-belum-tentu-cukup-wanita-ikat-sendiri-bata-bina-rumah-kemas-macam-pro/
Title: Rakyat Sep 13, 2022 @ 8:18am “Kalau Macam Ni Hantaran 50K Belum Tentu Cukup”- Wanita Ikat Sendiri Bata Bina...

Search URL Search Domain Scan URL

URL: https://siraplimau.com/bergantung-jenis-layanan-diterima-ini-sebab-kenapa-wanita-tak-halal-lebih-manja-dari-isteri-di-rumah/
Title: Suami Isteri Sep 13, 2022 @ 6:38am “Bergantung Jenis Layanan Diterima..”- Ini Sebab Kenapa Wanita Tak Halal Lebih...

Search URL Search Domain Scan URL

URL: https://siraplimau.com/tolong-ambil-peduli-pelanggan-kecewa-jumpa-ubat-stapler-dalam-kuih/
Title: Famili Sep 13, 2022 @ 6:25am “Tolong Ambil Peduli…” Pelanggan Kecewa Jumpa Ubat Stapler Dalam Kuih…

Search URL Search Domain Scan URL

URL: https://siraplimau.com/pantai-best-di-malaysia/
Title: Percutian Sep 13, 2022 @ 3:37am Awasi ‘Arus Kurau’ Bila Mandi Laut Ketika Musim Air Pasang, Bahaya Tersembunyi...

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/bh-digital/id527165548?utm_campaign=fp&utm_medium=web&utm_source=bh

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=team.vc.berberita&utm_source=bh&utm_campaign=fp&utm_medium=web

Search URL Search Domain Scan URL

URL: http://digital.nstp.com.my/bh/
Title: Akhbar Digital

Search URL Search Domain Scan URL

URL: http://digital.nstp.com.my/nst/includes/shop/list_products.jsp?testata=berberita&id=berberita
Title: Akhbar BH

Search URL Search Domain Scan URL

URL: http://www.1k.com.my/
Title: 1Klassifieds

Search URL Search Domain Scan URL

URL: https://klik.com.my/
Title: NSTP KLiK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=d0MhY8ieL_SF9fgP2veSiAw&sscte=1&crd=&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0WYrILH43X7gmMsdgFKovqfgDXvSVSTkEw&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuWkhyWTF5eUdQLWF0dllCN3hMSVBYdThjNkk3OW1RLXdISEctQlh0N3RjdGgwGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5WdVJ0UTZZQURUemNKVGRkSzk4YzEzN3BmRHlXVFM4LXRGSV8xWENZT2JJSG80Z2tNNHA2NnFR HTTP 302
https://www.google.com/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuWkhyWTF5eUdQLWF0dllCN3hMSVBYdThjNkk3OW1RLXdISEctQlh0N3RjdGgwGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5WdVJ0UTZZQURUemNKVGRkSzk4YzEzN3BmRHlXVFM4LXRGSV8xWENZT2JJSG80Z2tNNHA2NnFR&is_vtc=1&ocp_id=d0MhY8ieL_SF9fgP2veSiAw&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UgJpDMpL2zQ-731UU0drxJWq1AdJMWyQk&random=2798841415&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuWkhyWTF5eUdQLWF0dllCN3hMSVBYdThjNkk3OW1RLXdISEctQlh0N3RjdGgwGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5WdVJ0UTZZQURUemNKVGRkSzk4YzEzN3BmRHlXVFM4LXRGSV8xWENZT2JJSG80Z2tNNHA2NnFR&is_vtc=1&ocp_id=d0MhY8ieL_SF9fgP2veSiAw&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UgJpDMpL2zQ-731UU0drxJWq1AdJMWyQk&random=2798841415&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 239

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&RedC=c.clarity.ms&MXFR=3C41C99AA12064DE1B9BDB85A5206AF9 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&MUID=1A3FBB5908F461BB1968A946097F6026

Request Chain 242

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220914%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEOy2wZMK3-2C-AnPiHgoS9A&google_cver=1

Request Chain 262

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 263

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 264

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 265

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 266

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 267

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 303

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB&dcc=t

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

Request Chain 306

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 307

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=J9w4O_M7QktSAeOYJITFwlD_B2o

Request Chain 310

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

Request Chain 311

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB&dcc=t

Request Chain 314

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5b3ec41-e224-40d6-9fec-a4746bfd3559

Request Chain 316

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=62d4f2b1-4064-4301-b817-186c3cba3ad9&expiration=1694660345

Request Chain 317

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1761d7d9-f934-47d3-b393-ed73b7a06abb&us_privacy=null&gdpr_consent=null&gdpr=1

Request Chain 320

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

Request Chain 321

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB&dcc=t

Request Chain 323

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 325

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 326

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678762745&external_user_id=d37089bb-8cf1-4079-b81f-09e8d9b92bce

Request Chain 328

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 339

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bharian.com.my%2F&domain=www.bharian.com.my&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=a3kpyXxXSWtmYnBWTTBoYk5tbStOWnNRNHRYYWEzN1plYUd5NFpkUHlJYjZ6cUhBdWJVQmtQSEN5M1AvaFFzeGxoQ0l5cmo1bXpJcGZ1TENyWUVFSmVtVTh4ZEtyK1ZvTmxWM084bExQekVEZlA2RmxoNVNZWUpsQzBabXlyL2FXK0lwS3l5ZEFUckJLMDJUM3ZKM1ppTTM2NVV6TkFQNmRjekNONnFVVmQ4dTdDM0g3VWFPYlhYYjNrbGUyS1VBL2hCaVFCR3JrUThvS0dXeHV6YXJrWVltaG1weUh2U0hFbDcrbzJRR2pwZTFKL1FJSU9lOW9Hc0c2czY5YjlqcGtpVTU3fA&cppv=2

Request Chain 346

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

381 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama Show response
www.bharian.com.my/berita/nasional/2022/09/1000045/ 50 KB
11 KB 1142ms
829ms Document
text/html 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b73d7c6fe4d3c3963fc46e976a5095fc4b32af9e3b4ca30ed76ba9cc739c57

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 74a5dd35bf649974-FRA
content-encoding: br
content-security-policy: default-src=*
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:00 GMT
last-modified: Wed, 14 Sep 2022 02:58:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: ALLOW
x-frame-options: allow-from http://digital.nstp.com.my/
x-xss-protection: 1; mode=block

GET
H2 200 libraries.css
www.bharian.com.my/assets/css/ 92 KB
17 KB 261ms
259ms Stylesheet
text/css 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/assets/css/libraries.css?id=7979572225756f8aee4c

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9634ae5275a701160c919ab51a657a4fed8d9ce987def1a65295749799b7d8b3

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origSize=94124
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:56 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: W/"631fefd4-16fac"
vary: Accept-Encoding
content-type: text/css
expires: Fri, 14 Oct 2022 02:58:10 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
cf-ray: 74a5dd3afb399974-FRA
cf-bgj: minify

GET
H2 200 app.css
www.bharian.com.my/assets/css/desktop/ 164 KB
29 KB 848ms
847ms Stylesheet
text/css 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/assets/css/desktop/app.css?id=c297bc407592b9b3ce64

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338fadbba3db11dbb82f008c0260d1dd6f5812a15223e5e8093b5666163b623a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 14 Oct 2022 02:58:44 GMT
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: W/"631fefd3-28e52"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
content-security-policy: default-src=*
cf-ray: 74a5dd3afb3a9974-FRA
cf-bgj: minify

GET
H2 200 app.js Show response
www.bharian.com.my/assets/js/desktop/ 1 MB
343 KB 263ms
263ms Script
application/javascript 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a5117d55c2cfb8f332d9bcabcc1473e0c3fbe41a6802737d8ea033d9e69c66

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 14 Oct 2022 02:58:57 GMT
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: W/"631fefd3-127e82"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2592000
content-security-policy: default-src=*
cf-ray: 74a5dd3afb3c9974-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@400;700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e55ebbb7e66688d30fb3dfc6ca634bfdb7b97097ec4c1c1cea12027df364d473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 02:59:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 02:59:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 02:59:01 GMT

GET
H2 200 logo_35.png
www.bharian.com.my/assets/ 8 KB
9 KB 279ms
278ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/logo_35.png?id=f87f9010ff2be57801b3

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec05c4f944956f0bf79cfe3a78babb8939593259fc8248ec299c301fdf2059f

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=12235
content-disposition: inline; filename="logo_35.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8546
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-2fcb"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:04 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b1b4e9974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bh-merdeka-web-v2.png
www.bharian.com.my/assets/ 14 KB
14 KB 766ms
765ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-merdeka-web-v2.png?id=d612ac8671659f00d847

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7100751cff61bb499a18868314a45f2564fe9429d0273ae3463541423ed28a9

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=34680
content-disposition: inline; filename="bh-merdeka-web-v2.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14650
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-8778"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:43 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b1b4f9974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-appstore.png
www.bharian.com.my/assets/ 2 KB
2 KB 810ms
809ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/social-appstore.png?id=55874db1b7dddd5f03a0

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ba66e930efe7b43ff1f79f957d00e0abb693b61611eaf765a04dbbb6676b0b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2972
content-disposition: inline; filename="social-appstore.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1590
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b9c"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b1b509974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-playstore.png
www.bharian.com.my/assets/ 2 KB
2 KB 853ms
852ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/social-playstore.png?id=4c620ae6fed478be37ec

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d99d86894222ef69a8008ea6cbdab6b2c3e0ba5fc7e79780b4e06da691ac794

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2925
content-disposition: inline; filename="social-playstore.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1614
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b6d"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:43 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b1b519974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 tiktok-icon.png
www.bharian.com.my/assets/ 1 KB
1 KB 282ms
281ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/tiktok-icon.png?id=53acc5b92ccd9f85203e

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff06dc7a160acbf11cd6d1425913ace1f09e7acae1d44fff4e190c522508d7e

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2825
content-disposition: inline; filename="tiktok-icon.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1040
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b09"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b1b539974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 audio_plus_master.png
www.bharian.com.my/assets/ 3 KB
3 KB 753ms
752ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/audio_plus_master.png?id=633a170063b43a648dd8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7844
content-disposition: inline; filename="audio_plus_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3342
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1ea4"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b2b559974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 hotfm_red.png
www.bharian.com.my/assets/ 2 KB
3 KB 814ms
813ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/hotfm_red.png?id=7e2926041831b258e1a2

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6584
content-disposition: inline; filename="hotfm_red.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2406
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-19b8"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:48 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b2b579974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 buletinfm_master.png
www.bharian.com.my/assets/ 3 KB
3 KB 832ms
831ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/buletinfm_master.png?id=4a791378ee779b0c2f13

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7681
content-disposition: inline; filename="buletinfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2882
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1e01"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b639974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 8fm_master.png
www.bharian.com.my/assets/ 4 KB
5 KB 747ms
746ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/8fm_master.png?id=95e71486b6042424601c

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f4e3569ae744ad3fed3fb46ac51322315da4fd586b2c0ae76dfd82444844c0

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=11399
content-disposition: inline; filename="8fm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4502
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-2c87"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:59 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b659974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 flyfm_master.png
www.bharian.com.my/assets/ 5 KB
5 KB 276ms
275ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/flyfm_master.png?id=80f32289c944efe8d3af

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21627d5e570e9ca13c00dfea0e822fe9bb499bc902e3bf3bbbc467d18589dd1a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=10522
content-disposition: inline; filename="flyfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5388
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-291a"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b669974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 molekfm_master.png
www.bharian.com.my/assets/ 14 KB
14 KB 833ms
832ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/molekfm_master.png?id=5bee3440a1332d730f51

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=27993
content-disposition: inline; filename="molekfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14492
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-6d59"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b679974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bhtv-iconlive.png
www.bharian.com.my/assets/ 734 B
894 B 277ms
277ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bhtv-iconlive.png?id=4aca40f146a2b01c1412

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a3dd6f556f2e7e56c7e1e0aadb99a94889a3599b329258aca61c26648342dd

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5618
content-disposition: inline; filename="bhtv-iconlive.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 734
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-15f2"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b699974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bh-mobile.png
www.bharian.com.my/assets/ 4 KB
4 KB 276ms
275ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-mobile.png?id=f257943a4977aef7b987

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b76af9d0eaf78a189efe3961f6d702e22ce649d40435f258ae59ef0b1f6843b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6090
content-disposition: inline; filename="bh-mobile.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3708
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-17ca"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:11 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b6a9974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-ios.png
www.bharian.com.my/assets/ 1 KB
1 KB 278ms
277ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/icon-ios.png

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4214
content-disposition: inline; filename="icon-ios.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1160
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1076"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b6d9974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-android.png
www.bharian.com.my/assets/ 1 KB
1 KB 823ms
822ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/icon-android.png

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3997
content-disposition: inline; filename="icon-android.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-f9d"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:12 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b709974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bh-epaper.png
www.bharian.com.my/assets/ 3 KB
3 KB 851ms
850ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-epaper.png?id=b42866502ee17e348fe8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36550222ac30f145fbce0ea7cc96ecd991e18b15506763a2799659e6fa50c5ef

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5269
content-disposition: inline; filename="bh-epaper.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2870
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1495"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd3b3b719974-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rocket-loader.min.js Show response
www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 49ms
48ms Script
application/javascript 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 17:33:45 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"631b78f9-302c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 74a5dd3b3b739974-FRA
expires: Fri, 16 Sep 2022 02:59:00 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 171ms
75ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.bharian.com.my/
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:01 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 74a5dd3bbb989b2d-FRA

GET
H3 200 css
fonts.googleapis.com/ 2 KB
519 B 127ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/css/desktop/app.css?id=c297bc407592b9b3ce64

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 02:48:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 02:59:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 02:59:01 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 1152ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 14 Sep 2022 02:59:03 GMT
x-host: s7.addthis.com
content-length: 116423

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 131ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3569560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFC9ZZZKq7086EqDifJcYTODrqZrCjxpi5EMoAzjRMtL3MZbPXY9AnSk6PTfryZ53d5Pq5DT3fpXKPwQQYDVDHR8JgcofXXt0CLlLrdkTt0lLlAnqGMTwXPefml5xnAmxGpA%2Fc7eVOBYEBV7RoLMaNOu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a5dd41adc49119-FRA
expires: Mon, 04 Sep 2023 02:59:02 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7272/ 48 KB
16 KB 133ms
44ms Script
text/javascript 108.138.7.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7272/lt.min.js
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76958737170eb87f06d05e2cba9d8b117be49a624d286b024f7cfbfc16f105f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 13 Sep 2022 02:59:11 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 02:30:28 GMT
server: AmazonS3
age: 86392
etag: W/"aac6142d10b78bf6048a602ee0b8def3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 1hnGp65yFxf1IWZk1ZCaMtqFatcJG_s0E7BbGcs1PsEws2xDM642pw==

GET
H2 200 revac.min.js Show response
ad.mediaprimaplus.com.my/ 19 KB
8 KB 716ms
421ms Script
application/javascript 2606:4700:4400::6812:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.mediaprimaplus.com.my/revac.min.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:288b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-guploader-uploadid: ADPycdsm0Vdp0cLn4aQq0jYLSi04CouPb0bAZDyib5oAbZvMK85lKtYY3pCWlyBfaUA61tyM5h2s9iq40oh_EAQ-D1KMoA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 29 Apr 2022 01:26:29 GMT
server: cloudflare
etag: W/"4c588091328575df9aa141fec9b135ea"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=5ZKxvw==, md5=TFiAkTKFdd+aoUH+ybE16g==
x-goog-generation: 1651195589942021
content-type: application/javascript
cache-control: no-store
x-goog-stored-content-length: 19219
cf-ray: 74a5dd42faf590af-FRA
expires: Thu, 14 Sep 2023 02:59:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 131ms
46ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-330872026

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43f85c7c7820c57b53a430c4bc1918f8634c73d26c2fff71be2e7fdfd7d6b3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61597
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 00:00:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 02:59:02 GMT

GET
H3 200 icofont.woff2
www.bharian.com.my/assets/css/fonts/ 525 KB
526 KB 894ms
893ms Font
font/woff2 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/assets/css/fonts/icofont.woff2

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/css/libraries.css?id=7979572225756f8aee4c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bharian.com.my/assets/css/libraries.css?id=7979572225756f8aee4c
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:02 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 537868
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-8350c"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
vary: Accept-Encoding
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4139d59b9e-FRA

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v12/ 20 KB
20 KB 179ms
78ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v12/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@400;700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:16:28 GMT
x-content-type-options: nosniff
age: 106954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20468
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:16:28 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v12/ 20 KB
20 KB 194ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v12/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@400;700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 21:14:53 GMT
x-content-type-options: nosniff
age: 452649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20072
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:16:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 21:14:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 137ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@400;700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 500231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 148ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@400;700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bharian.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 250161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 110 KB
35 KB 175ms
41ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: b8bfed98d6cbc1c25b5d4fc71e198beb00c5fe8b1ba488d8588847a7c0f360a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: cdHXJ4Cq5DPVObrXI0s_8_NP.rql7LBJ
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 23:54:09 GMT
Server: nginx/1.20.0
x-amz-request-id: X29EBZMZ42GFM6YY
ETag: "a883d12f58cb36ed3dcee05fff6f7306"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=33851
Date: Wed, 14 Sep 2022 02:59:03 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35118
x-amz-id-2: EaIW3fDwTWfdrSKouTlcgolgul7alTvg3YFWmrfYRaB5aHU/TyihT0aI8CmMYRv43UxzFWoS5tE=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/121793/359/ 440 KB
130 KB 138ms
38ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed85c65256759dc6aaddbabba01aa20858808ca909029686ab5a3632b40d3aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 03:00:12 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=87226
accept-ranges: bytes
content-type: application/javascript
content-length: 132818
expires: Thu, 15 Sep 2022 03:12:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
87 KB 137ms
60ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ed8650eb6a70f03af90a62111c374a184c4e3f7cb94a5098ef94714343646db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89473
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 00:00:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 02:59:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 124ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: xmHo1R547JtTfo7WfRUVCEBJAqX1ogVME0KxWUBO8Ij5jZpO5YxvDw4NBWCTJc1hDsheDXnkHBV4Bb0vk6O2yA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 02:59:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

HEAD
H2 200 conversion_async.js
www.googleadservices.com/pagead/ 0
0 148ms
49ms Fetch
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: ad.mediaprimaplus.com.my
URL: https://ad.mediaprimaplus.com.my/revac.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 14 Sep 2022 02:59:03 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 24 B
316 B 185ms
62ms XHR
application/json 54.194.94.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/7272/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.94.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-94-16.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bharian.com.my
expires: 0
cache-control: no-cache
x-server: 10.45.15.155
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 24
x-consent: absent

GET
H3 200 logo_35.png
www.bharian.com.my/assets/ 8 KB
9 KB 891ms
890ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/logo_35.png?id=f87f9010ff2be57801b3

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec05c4f944956f0bf79cfe3a78babb8939593259fc8248ec299c301fdf2059f

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=12235
content-disposition: inline; filename="logo_35.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8546
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-2fcb"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:04 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49682a9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 bh-merdeka-web-v2.png
www.bharian.com.my/assets/ 14 KB
15 KB 243ms
243ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-merdeka-web-v2.png?id=d612ac8671659f00d847

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7100751cff61bb499a18868314a45f2564fe9429d0273ae3463541423ed28a9

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=34680
content-disposition: inline; filename="bh-merdeka-web-v2.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14650
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-8778"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:43 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49682b9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 social-appstore.png
www.bharian.com.my/assets/ 2 KB
2 KB 893ms
892ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/social-appstore.png?id=55874db1b7dddd5f03a0

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ba66e930efe7b43ff1f79f957d00e0abb693b61611eaf765a04dbbb6676b0b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2972
content-disposition: inline; filename="social-appstore.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1590
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b9c"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49682f9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 social-playstore.png
www.bharian.com.my/assets/ 2 KB
2 KB 262ms
261ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/social-playstore.png?id=4c620ae6fed478be37ec

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d99d86894222ef69a8008ea6cbdab6b2c3e0ba5fc7e79780b4e06da691ac794

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2925
content-disposition: inline; filename="social-playstore.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1614
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b6d"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:43 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4968339b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 tiktok-icon.png
www.bharian.com.my/assets/ 1 KB
1 KB 246ms
245ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/tiktok-icon.png?id=53acc5b92ccd9f85203e

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff06dc7a160acbf11cd6d1425913ace1f09e7acae1d44fff4e190c522508d7e

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2825
content-disposition: inline; filename="tiktok-icon.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1040
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-b09"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4968349b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 audio_plus_master.png
www.bharian.com.my/assets/ 3 KB
4 KB 892ms
891ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/audio_plus_master.png?id=633a170063b43a648dd8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7844
content-disposition: inline; filename="audio_plus_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3342
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1ea4"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4968369b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 hotfm_red.png
www.bharian.com.my/assets/ 2 KB
3 KB 856ms
854ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/hotfm_red.png?id=7e2926041831b258e1a2

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6584
content-disposition: inline; filename="hotfm_red.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2406
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-19b8"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:48 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4968389b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 buletinfm_master.png
www.bharian.com.my/assets/ 3 KB
3 KB 260ms
258ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/buletinfm_master.png?id=4a791378ee779b0c2f13

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7681
content-disposition: inline; filename="buletinfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2882
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1e01"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd4968399b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 8fm_master.png
www.bharian.com.my/assets/ 4 KB
5 KB 867ms
865ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/8fm_master.png?id=95e71486b6042424601c

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f4e3569ae744ad3fed3fb46ac51322315da4fd586b2c0ae76dfd82444844c0

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=11399
content-disposition: inline; filename="8fm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4502
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-2c87"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:59 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49683a9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 flyfm_master.png
www.bharian.com.my/assets/ 5 KB
6 KB 743ms
741ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/flyfm_master.png?id=80f32289c944efe8d3af

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21627d5e570e9ca13c00dfea0e822fe9bb499bc902e3bf3bbbc467d18589dd1a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=10522
content-disposition: inline; filename="flyfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5388
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-291a"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:05 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49683b9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 molekfm_master.png
www.bharian.com.my/assets/ 14 KB
15 KB 264ms
263ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/molekfm_master.png?id=5bee3440a1332d730f51

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=27993
content-disposition: inline; filename="molekfm_master.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14492
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-6d59"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49683d9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 bhtv-iconlive.png
www.bharian.com.my/assets/ 734 B
1 KB 816ms
815ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bhtv-iconlive.png?id=4aca40f146a2b01c1412

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a3dd6f556f2e7e56c7e1e0aadb99a94889a3599b329258aca61c26648342dd

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5618
content-disposition: inline; filename="bhtv-iconlive.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 734
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-15f2"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49683e9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 bh-mobile.png
www.bharian.com.my/assets/ 4 KB
4 KB 857ms
856ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-mobile.png?id=f257943a4977aef7b987

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b76af9d0eaf78a189efe3961f6d702e22ce649d40435f258ae59ef0b1f6843b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=6090
content-disposition: inline; filename="bh-mobile.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3708
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-17ca"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:11 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49b86d9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 icon-ios.png
www.bharian.com.my/assets/ 1 KB
2 KB 852ms
851ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/icon-ios.png

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4214
content-disposition: inline; filename="icon-ios.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1160
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1076"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49b86f9b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 icon-android.png
www.bharian.com.my/assets/ 1 KB
2 KB 815ms
814ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/icon-android.png

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3997
content-disposition: inline; filename="icon-android.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-f9d"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:12 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49b8709b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 bh-epaper.png
www.bharian.com.my/assets/ 3 KB
3 KB 898ms
898ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bharian.com.my/assets/bh-epaper.png?id=b42866502ee17e348fe8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36550222ac30f145fbce0ea7cc96ecd991e18b15506763a2799659e6fa50c5ef

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5269
content-disposition: inline; filename="bh-epaper.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2870
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Sep 2022 02:49:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
etag: "631fefd3-1495"
vary: Accept
content-type: image/webp
expires: Fri, 14 Oct 2022 02:58:58 GMT
cache-control: max-age=2592000
content-security-policy: default-src=*
accept-ranges: bytes
cf-ray: 74a5dd49b8719b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 nur_diana_petra_1663121388.jpg
assets.bharian.com.my/images/articles/ 104 KB
104 KB 81ms
53ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/nur_diana_petra_1663121388.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30028ec9e8d824c68d0474f65c68c50c2a4b19a942ad37f2a38518eff0ff7674

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 1517
cf-polished: qual=85, origFmt=jpeg, origSize=115639
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycds-TmXKEIMrF8DR1TaLUsezlDO1LBDaxfl3BgYKe-1m_FaykEiJka7LTEfCBMJH79EWtfNfbIo1SWQXHdzG9LFpwnFA8Ojc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="nur_diana_petra_1663121388.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106126
x-xss-protection: 1; mode=block
cf-ray: 74a5dd4a2d0b9974-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Wed, 14 Sep 2022 02:09:49 GMT
server: cloudflare
etag: "43929100c143022f917e67095ba45109"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=0wofUQ==, md5=Q5KRAMFDAi+RfmcJW6RRCQ==
x-goog-generation: 1663121389039070
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 115639
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 nur_diana_petra2_1663121727.jpg
assets.bharian.com.my/images/articles/ 93 KB
93 KB 84ms
57ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/nur_diana_petra2_1663121727.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3279ff9b9adb16663af879e9683f4454a0c168e61d69f17ccd5c2798bdd96600

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 1516
cf-polished: qual=85, origFmt=jpeg, origSize=108008
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdshprxnzsTkVXSjwnkLkCb--7e_LZpWN2eWnWDoJV20Y9ZkC9eAMGEAzoDqKpSW8htj7m_nB5WVsRSYXp4CwwzsCw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="nur_diana_petra2_1663121727.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95064
x-xss-protection: 1; mode=block
cf-ray: 74a5dd4a2d0d9974-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Wed, 14 Sep 2022 02:15:27 GMT
server: cloudflare
etag: "fd318058a5aacd0e906d12ad85805003"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=E4Sosg==, md5=/TGAWKWqzQ6QbRKthYBQAw==
x-goog-generation: 1663121727424250
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 108008
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 nur_diana_petra3_1663121393.jpg
assets.bharian.com.my/images/articles/ 91 KB
92 KB 89ms
62ms Image
image/jpeg 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/nur_diana_petra3_1663121393.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84a3cc1b2fa25857399845ed0a3195f34ba6a2baad9e1c79767649b37771e49b

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 1516
cf-polished: origSize=99360, status=webp_bigger
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycds-iY_ZezDVGMRrGARO0pWi5pwdOJyVnpJiquM1cuxz8lIpIgSSBjm7WBUamCpM6llaUsoba24nc2FyIxwimEZ9gA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93152
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Wed, 14 Sep 2022 02:09:53 GMT
server: cloudflare
etag: "f84ebabad294882655f3ef801c92a074"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=Bpmd5g==, md5=+E66utKUiCZV8++AHJKgdA==
x-goog-generation: 1663121393691977
access-control-allow-origin: *
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=3600
x-goog-stored-content-length: 99360
accept-ranges: bytes
cf-ray: 74a5dd4a2d0c9974-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 1000045 Show response
www.bharian.com.my/api/related/ 65 KB
9 KB 1168ms
1167ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/related/1000045?page_size=8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

297ec102e7c2679e8359496cd282be2483072c1ec4db2dd01d9797af9262d022

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:15 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd49f8989b9e-FRA

GET
H3 200 1000045 Show response
www.bharian.com.my/api/related/ 33 KB
6 KB 852ms
852ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/related/1000045?page_size=4

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74ec6920f54f332eb66c6852104a6450ff2f5c4f342a1f0a3d2fabc8e34385b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:55 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd49f89e9b9e-FRA

GET
H3 200 articles Show response
www.bharian.com.my/api/ 48 KB
9 KB 1075ms
1075ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/articles?page_size=6&tags=vaksin,+vaksinasi,+imunisasi

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebd458b7aa281bd53c1a6cbe2eb4acd6b896dcb6ada979fd683a39d3535d184

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:59:00 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd49f8a19b9e-FRA

GET
H3 200 trending Show response
www.bharian.com.my/api/ 47 KB
9 KB 417ms
417ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/trending?limit=6

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b6c2ddc2e8e504cb662bc54c25b97766521662ac9dc2040ad58bcadf144167

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:15 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd49f8a29b9e-FRA

GET posts
myresipi.com/wp-json/wp/v2/ 0
0

GET
H3 200 ohbulan Show response
www.bharian.com.my/api/ 3 KB
1 KB 245ms
245ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/ohbulan?limit=5

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5f0088bc5728aede7113f3b494296fbe877e2f70bf612a9a2cbf01583c718b

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:59:00 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd4a08a59b9e-FRA

GET
H3 200 siraplimau Show response
www.bharian.com.my/api/ 3 KB
1 KB 814ms
814ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/siraplimau?limit=5

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bf2cf278431668a4179a779a4e1b1977003174ab3d119e6ae1a50b1d35f4b0

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:13 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd4a08a79b9e-FRA

GET
H3 200 articles Show response
www.bharian.com.my/api/ 66 KB
12 KB 1133ms
1133ms XHR
application/json 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/articles?sttl=true&page_size=8

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79662dcc171a4ad34b346209adefdc5f563b8a9852b4060738f9cc26412e1d3

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
X-CSRF-TOKEN: Qr6nUV1tq9HTQM9lXeDG2jrEcRjJQjPezuDwVrT9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:22 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd4a08a89b9e-FRA

GET
H3 200 1000045 Show response
www.bharian.com.my/api/statistic/add/ 0
326 B 856ms
856ms XHR
text/html 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/api/statistic/add/1000045

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/assets/js/desktop/app.js?id=48747525a8813696c0db

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
x-response-encrypted: 1
x-request-encrypted: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 google
x-content-type-options: ALLOW
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 02:58:15 GMT
server: cloudflare
x-frame-options: allow-from http://digital.nstp.com.my/
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src=*
cf-ray: 74a5dd4a28c69b9e-FRA

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 125ms
48ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-330872026

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 02:59:03 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 126ms
36ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=35503
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e2578aea74df413/ 1 KB
703 B 63ms
55ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e2578aea74df413/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e24b68c44e525ab549052d6691eb27280a003523df1c6e6713cc980d4ce6f67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
etag: 1670372397--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=46, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 527

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 231ms
208ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6321437e0b2095c5&bkl=0&bl=1&pdt=2131&sid=6321437e0b2095c5&pub=ra-5e2578aea74df413&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bharian.com.my&fp=berita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=sultanah%20kelantan%2Cnur%20diana%20petra%20abdullah%2CPKDK%2CIstana%20Negeri%20Kubang%20Kerian&colc=1663124350891&jsl=1&uvs=6321437e34762c10000&skipb=1&callback=addthis.cbs.jsonp__61899382647868250
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cef730942001436dc128165f58a10277ecee18289a4c17894c6891b7ffe82139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 20E8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 8CFF 71 KB
26 KB 46ms
46ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 14 Sep 2022 02:59:03 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 4312273875505550 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 122ms
79ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4312273875505550?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bc05ccb26a6ee6deb1b3fee999a054dffe3ffea34f730e4b9709ab95f22bb46

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: aOHHm7LBrxhUQNTIFvgJBTM2dtnEHteDElFOhtZOIvO5ctRUZeW15fF2mVZZfB9ynIGkvLJAA8TXFCAyBtFllA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 02:59:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/bharian.com.my/ 736 B
1 KB 1055ms
264ms Script
text/javascript 52.79.102.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/bharian.com.my/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.79.102.132 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-79-102-132.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

0e82b78b51724cc19be9ee0d97a94fdbf9fca2854e086aeb1389d5c567ba288f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"2e0-CW+lWtugtPAi8+SXvhKvgQbgwp0"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 404

POST
H3 200 rum Show response
www.bharian.com.my/cdn-cgi/ 0
169 B 40ms
39ms XHR
text/plain 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bharian.com.my/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74a5dd4b79cc9b9e-FRA
vary: Origin

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 85 KB
29 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd860d941cc2e6ce8b31d32b0638de2d59f64716342788924e04a75835636605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29131
x-xss-protection: 0
server: sffe
etag: "1333 / 220 of 1000 / last-modified: 1663109653"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Sep 2022 02:59:03 GMT

GET
H2 200 scam-3-1.jpg
media.ohbulan.com/2022/09/ 111 KB
112 KB 146ms
50ms Image
image/jpeg 2606:4700:4400::ac40:9902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.ohbulan.com/2022/09/scam-3-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086c9a0a2d7d503e6b6d578eac74e1e0f8eba2e51eaf0fee3030c89acb274c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 535
cf-polished: origSize=126509, status=webp_bigger
x-guploader-uploadid: ADPycdug0QyPMZQH0uL6ZUH7ZOSGTj7GmQH4QVnqldFk702eKLCYoOkGMtC1rtJDJ-Eg7UAbWXtH503bRJuzmj3JwNIFW0dN0FHb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113399
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 14 Sep 2023 02:46:32 GMT
last-modified: Wed, 14 Sep 2022 01:44:49 GMT
server: cloudflare
etag: "b64ce1c3a15c529a57064eb52be2cde9"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=wOe9iw==, md5=tkzhw6FcUppXBk61K+LN6Q==
x-goog-generation: 1663119889432024
content-type: image/jpeg
vary: Accept-Encoding
x-goog-stored-content-length: 126509
accept-ranges: bytes
cf-ray: 74a5dd4c8ded6921-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 yi-feng-1-scaled.jpg
media.ohbulan.com/2022/09/ 277 KB
277 KB 194ms
99ms Image
image/jpeg 2606:4700:4400::ac40:9902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.ohbulan.com/2022/09/yi-feng-1-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06a4ebf9e0af34f918c8b980217c9ebab3daeea4548c1f1237a10c27f4b80760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 535
cf-polished: origSize=297503, status=webp_bigger
x-guploader-uploadid: ADPycdtwsGi7k_QLh80mz6cdl0gzvrVtL0pynN-SxnDrvVsR-PCZ6r_cwZEXTHzT9JPec7Ov8vc5jEHmT5lcRrqe2oEF9YMeiiWa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 283278
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 14 Sep 2023 00:18:03 GMT
last-modified: Tue, 13 Sep 2022 23:47:55 GMT
server: cloudflare
etag: "c690fb0a966ff574d604b4f813de9af8"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=/s/TUw==, md5=xpD7CpZv9XTWBLT4E96a+A==
x-goog-generation: 1663112875593493
content-type: image/jpeg
vary: Accept-Encoding
x-goog-stored-content-length: 297503
accept-ranges: bytes
cf-ray: 74a5dd4c8dee6921-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Lelaki-Yaman-Ditahan-Didakwa-Tunai-Umrah-Untuk-Ratu-Elizabeth-II-scaled.jpg
media.ohbulan.com/2022/09/ 186 KB
187 KB 193ms
98ms Image
image/jpeg 2606:4700:4400::ac40:9902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.ohbulan.com/2022/09/Lelaki-Yaman-Ditahan-Didakwa-Tunai-Umrah-Untuk-Ratu-Elizabeth-II-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391651dcec07f90f9796ca307f8b48e70986bd59c5dd5fd327ec8f843a99e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 535
cf-polished: origSize=210443, status=webp_bigger
x-guploader-uploadid: ADPycdvQTpBe_Znr2gqjSftXQD327vSaFUnf27hnoP7opMMt3FSw-zix9jA3kYnTzZLf_yP9XTy1O6uN7q9ZMeiS_B4kBqtSrem2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190872
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 13 Sep 2023 23:04:34 GMT
last-modified: Tue, 13 Sep 2022 17:19:44 GMT
server: cloudflare
etag: "dabecccfb225efc3ca9294b6a4a27578"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=WdzBUg==, md5=2r7Mz7Il78PKkpS2pKJ1eA==
x-goog-generation: 1663089584027593
content-type: image/jpeg
vary: Accept-Encoding
x-goog-stored-content-length: 210443
accept-ranges: bytes
cf-ray: 74a5dd4c8def6921-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 befunky_2022-8-3_0-31-20-scaled.jpg
media.ohbulan.com/2022/09/ 293 KB
293 KB 268ms
173ms Image
image/jpeg 2606:4700:4400::ac40:9902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.ohbulan.com/2022/09/befunky_2022-8-3_0-31-20-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ddf554805390cf36b334e2bdbc95de19bfc878046d50dfc70d49a2870483461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=311096, status=webp_bigger
x-guploader-uploadid: ADPycdtm-vz4r2dwY1K_4yrsTc3MszMtFIPWtcg3EScmGj4TPI7o71VtXRS5hMQg03u5KkmW1_P8V1Ncli8pg2qekbo5MA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299654
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 13 Sep 2023 17:29:43 GMT
last-modified: Tue, 13 Sep 2022 16:31:50 GMT
server: cloudflare
etag: "3a942cd4f562e56ce6ae58d7aaf725da"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=5Mcn3A==, md5=OpQs1PVi5WzmrljXqvcl2g==
x-goog-generation: 1663086710450411
content-type: image/jpeg
vary: Accept-Encoding
x-goog-stored-content-length: 311096
accept-ranges: bytes
cf-ray: 74a5dd4c8df06921-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 isteri-suami-gaduh-1-scaled.jpg
media.ohbulan.com/2022/09/ 220 KB
221 KB 267ms
173ms Image
image/jpeg 2606:4700:4400::ac40:9902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.ohbulan.com/2022/09/isteri-suami-gaduh-1-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b1ec68c08564ef11388bbcba5ffcb8b9048fb1a05a87a63826aad296fb14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=247615, status=webp_bigger
x-guploader-uploadid: ADPycdt6hATRggMmRhXnjeXAYTD4bGyyvUBZZnceQKRvDZ7uiEqZ5XoCfNgSnsJt2CBS21Q_lMbMgg686Xr0HcKfeh0RBPTY8klj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 225446
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 13 Sep 2023 12:11:32 GMT
last-modified: Tue, 13 Sep 2022 11:43:45 GMT
server: cloudflare
etag: "d731fb886852a86deb8bc0f968dd6b22"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=c65Q6g==, md5=1zH7iGhSqG3ri8D5aN1rIg==
x-goog-generation: 1663069425456847
content-type: image/jpeg
vary: Accept-Encoding
x-goog-stored-content-length: 247615
accept-ranges: bytes
cf-ray: 74a5dd4c8df26921-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 50ms
50ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 02:59:03 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: xmHo1R547JtTfo7WfRUVCEBJAqX1ogVME0KxWUBO8Ij5jZpO5YxvDw4NBWCTJc1hDsheDXnkHBV4Bb0vk6O2yA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 02:59:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 142ms
41ms Script
application/x-javascript 2600:9000:236e:8c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:18:28 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 6035
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jY1rBbuEw8O7TdJVP43Y05ilX0DAVxyPQ46LoAHcR77kgSnYbvN2sw==
expires: Wed, 14 Sep 2022 03:18:28 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 137ms
38ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 04:51:50 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 86069
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Njc78jzZVYMcVj4BZO4sSv3bP9IjE6p5UekdyXHeIIz2WY61lgqtGg==

GET
H2 200 ins.js Show response
bharian.api.useinsider.com/ 284 KB
79 KB 149ms
59ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bharian.api.useinsider.com/ins.js?id=10001947

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f239cc2f2553e1fb7472b4a9ceabba0f367190ddd044f74326ba611ee25bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1653
vary: Accept-Encoding
x-amz-request-id: PKTR7RX1WTJ45PFK
x-amz-id-2: NFWCRfM6ptoY5UB0QXIcB6R/M3KgB8jcr3nj3Nd8cBioRpK8M0emytwZDZjO++i9yiHlpNJEsac=
pragma: public
last-modified: Tue, 13 Sep 2022 14:07:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c280f4fc1cac2c7670f00d9f62b9e606"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public, max-age=300
x-amz-version-id: o.EWSPeKwcjwek29YgA7nDdhI9S7IjJQ
cf-ray: 74a5dd4cfc7890c7-FRA
expires: Wed, 14 Sep 2022 03:04:03 GMT

GET
H2 200 56lhfvmosw Show response
www.clarity.ms/tag/ 1 KB
2 KB 857ms
409ms Script
application/x-javascript 2620:1ec:27::cafe:1686
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56lhfvmosw
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1686 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d2b3cddc1dcc1789d58668977161edf0eec3bf2c0659b2f3fbc2599937e52957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-powered-by: ASP.NET
x-azure-ref: 0eEMhYwAAAACTyOuLnydzT5jA5q9XwtzNRFhCMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 heartbeat.min.js Show response
heartbeat.mediaprimaplus.com.my/ 110 KB
38 KB 85ms
54ms Script
application/javascript 2606:4700:4400::6812:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:288b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bf04738b0339f9f22115a3aee30620bf2e3d81e96f8cc7f0a0eeb96a62693b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 31
x-guploader-uploadid: ADPycdt6CQhdAMrLYWleRwvKOZNrhl4zdGw3SCCzOT9tznQNh2PermV4mPS6s0OmoS8nC9PWkouE56zklXbHNT7sq7r9NtXu8t8W
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 23:25:01 GMT
server: cloudflare
etag: W/"e4c3516d455a44997b7d38f7393fef79"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=yB635g==, md5=5MNRbUVaRJl7fTj3OT/veQ==
x-goog-generation: 1655767501318616
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31535844
x-goog-stored-content-length: 112979
cf-ray: 74a5dd4c9f2f90af-FRA
expires: Thu, 14 Sep 2023 02:56:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNY0ZCR65R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d72a88dfb4a4ca3cd159fe6dc8cedd1bf2f704f34ef5d31b54e7585cec936f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75101
x-xss-protection: 0
expires: Wed, 14 Sep 2022 02:59:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 150ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPSJR8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7023
date: Wed, 14 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 03:02:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/ 2 KB
2 KB 194ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=1663124351073&cv=9&fst=1663124351073&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e9359d1ffff79e1323adedc83b8bb44ba2780ddcb3184b765a93dfd56ec7416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 44ms
44ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 14 Sep 2022 02:59:03 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/330872026/ 2 KB
1 KB 52ms
50ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/330872026/?random=1663124351115&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

1bdb6b2e7d6b79a4bd94aac8bdf890d5de5d2e76450bb0c19c64d08e80d6cf69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/ 2 KB
1 KB 88ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=1663124351122&cv=9&fst=1663124351122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f76a5366a6d2c274898e62a3bc1873b9ace6f9ad17e72f5b58e43bc90beeb3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BHKANTAN14_BHfield_image_listing_featured_v2.var_1663120655.jpg
assets.bharian.com.my/images/articles/ 76 KB
76 KB 58ms
57ms Image
image/jpeg 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHKANTAN14_BHfield_image_listing_featured_v2.var_1663120655.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ea5462f8471eced00f56f107bc2bcd9f0c749ff455921ca454eb615b88cfcb

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 2084
cf-polished: origSize=80984, status=webp_bigger
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdsA4nEIAkblUDoWLCI9dFzKJnjtloPcY0y9VhV97RqlYV-55gkvWJ6URsastgcae_SRwXLbWBhvkfHpHKae_6Mf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77370
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Wed, 14 Sep 2022 01:57:35 GMT
server: cloudflare
etag: "35f5b704faf8564621ed47fac4786d6d"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=9GrzrQ==, md5=NfW3BPr4VkYh7Uf6xHhtbQ==
x-goog-generation: 1663120655619617
access-control-allow-origin: *
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=3600
x-goog-stored-content-length: 80984
accept-ranges: bytes
cf-ray: 74a5dd4caaa29b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 fesyenbeth_BHfield_image_listing_featured_v2.var_1663119051.jpg
assets.bharian.com.my/images/articles/ 51 KB
52 KB 55ms
54ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/fesyenbeth_BHfield_image_listing_featured_v2.var_1663119051.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6dddecc97355eb564029a19a8acb1c9ff9cfa6df4836b37c98cd1cf2e55c252

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 2084
cf-polished: qual=85, origFmt=jpeg, origSize=98021
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdtdDODts57ykuiYjyrCVQBwHODGhKGLn7WKajV1yoQZIPs9sQ8BQ9k3jA_Z-cjmSnXJH92iUvpvqi1W6F9zU-xOK1AjNmcM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="fesyenbeth_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52332
x-xss-protection: 1; mode=block
cf-ray: 74a5dd4caaa69b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Wed, 14 Sep 2022 01:30:51 GMT
server: cloudflare
etag: "9d20ebb42bbdbc8424deac55dc12903f"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=Yw+QPQ==, md5=nSDrtCu9vIQk3qxV3BKQPw==
x-goog-generation: 1663119051360003
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 98021
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 BH13PONDANBEBAS-O_BHfield_image_listing_featured_v2.var_1663070345.jpg
assets.bharian.com.my/images/articles/ 19 KB
20 KB 51ms
50ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BH13PONDANBEBAS-O_BHfield_image_listing_featured_v2.var_1663070345.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fef000d05d244ab71c9800781e6ab7eb29f1a5c09b617eecc182121e540b46e

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 53861
cf-polished: qual=85, origFmt=jpeg, origSize=61989
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycduwd9Ukd_XNAW8i2GfTW9bc25U5iRaPjzMizvIg4lQu11Ppl5DlnsyhnSLwuRIEIgZBghktclBg81yjDRgQHNX9OFicunMB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="BH13PONDANBEBAS-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19662
x-xss-protection: 1; mode=block
cf-ray: 74a5dd4caaa89b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Tue, 13 Sep 2022 11:59:05 GMT
server: cloudflare
etag: "bd0e6ed940912a8b5ca35a4e002480fc"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=4W69Mw==, md5=vQ5u2UCRKotco1pOACSA/A==
x-goog-generation: 1663070345849687
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 61989
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 BHJIN_BHfield_image_listing_featured_v2.var_1663047109.jpg
assets.bharian.com.my/images/articles/ 42 KB
42 KB 53ms
52ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHJIN_BHfield_image_listing_featured_v2.var_1663047109.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1e082adc1cddbab0002246054c1b3c0ff42fc31e058c851c57b4f05a499db2

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 73260
cf-polished: qual=85, origFmt=jpeg, origSize=62194
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdvXDnosJPpI_9JArJd6tgc0Jdw3ch9VsDdV8Jabv5NvBvOCufd9pguoLJ1aIqmHO-VDLGLmSXoxQfg0dpPy3uSljg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="BHJIN_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42660
x-xss-protection: 1; mode=block
cf-ray: 74a5dd4caaa99b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:03 GMT
last-modified: Tue, 13 Sep 2022 05:31:49 GMT
server: cloudflare
etag: "5f4384189754ce13305814ae5f940624"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=7ai6Qg==, md5=X0OEGJdUzhMwWBSuX5QGJA==
x-goog-generation: 1663047109658961
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 62194
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

POST
H2 204 collect
region1.analytics.google.com/g/ 0
350 B 130ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JNY0ZCR65R&gtm=2oe9c0&_p=375007276&_gaz=1&cid=284938708.1663124351&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663124351&sct=1&seg=0&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&dt=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNY0ZCR65R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 169ms
47ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JNY0ZCR65R&cid=284938708.1663124351&gtm=2oe9c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNY0ZCR65R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 134ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JNY0ZCR65R&cid=284938708.1663124351&gtm=2oe9c0&aip=1&z=1501947838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 232088944879946 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/232088944879946?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dd8940de580b7bda100c53cde1dda2c7c17a8a21035d21ca75ff31820419780

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DxTX5IGtEIADR84GWcJ9xnf97zu+DtI/FP/q3itMR095JoJrwynr47S9S1r3p8JJiOsa0sFvNu7Kc3dE/K7hYg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 02:59:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 130ms
41ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4312273875505550&ev=PageView&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&rl=&if=false&ts=1663124351206&sw=1600&sh=1200&v=2.9.79&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1663124351203.49642840&it=1663124350914&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 02:59:04 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/330872026/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
https://www.google.com/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.de/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...

42 B
64 B

53ms
52ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuWkhyWTF5eUdQLWF0dllCN3hMSVBYdThjNkk3OW1RLXdISEctQlh0N3RjdGgwGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5WdVJ0UTZZQURUemNKVGRkSzk4YzEzN3BmRHlXVFM4LXRGSV8xWENZT2JJSG80Z2tNNHA2NnFR&is_vtc=1&ocp_id=d0MhY8ieL_SF9fgP2veSiAw&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UgJpDMpL2zQ-731UU0drxJWq1AdJMWyQk&random=2798841415&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/330872026/?random=94159518&cv=9&fst=1663124351115&num=1&value=0&label=Ks6ECKH3x9sCENrp4p0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuWkhyWTF5eUdQLWF0dllCN3hMSVBYdThjNkk3OW1RLXdISEctQlh0N3RjdGgwGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5WdVJ0UTZZQURUemNKVGRkSzk4YzEzN3BmRHlXVFM4LXRGSV8xWENZT2JJSG80Z2tNNHA2NnFR&is_vtc=1&ocp_id=d0MhY8ieL_SF9fgP2veSiAw&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UgJpDMpL2zQ-731UU0drxJWq1AdJMWyQk&random=2798841415&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022090801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
131 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Sep 2023 15:02:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 579 B
852 B 133ms
46ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bharian.com.my

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb5ebcc25c6cc5371d37578413b71a66aa7be55fbc1d437d5a4758e809174990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
expires: Wed, 14 Sep 2022 02:59:03 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
323 B 57ms
41ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
last-modified: Wed, 14 Sep 2022 02:00:00 GMT
server: nginx/1.15.8
date: Wed, 14 Sep 2022 02:59:03 GMT
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
346 B 211ms
203ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&callback=_ate.cbs.rcb_81mm0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

738b6a7a5a2f029e9b35150ff7d94426fbde756e9ffff7536b6f552b32a006e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
last-modified: Wed, 14 Sep 2022 02:59:04 GMT
server: nginx/1.15.8
date: Wed, 14 Sep 2022 02:59:04 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
346 B 214ms
210ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&callback=_ate.cbs.rcb_9v760

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2b080bab92b152d19b4cc2535cda237d9e946c57535561d3b764ff8c64a646f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
last-modified: Wed, 14 Sep 2022 02:59:04 GMT
server: nginx/1.15.8
date: Wed, 14 Sep 2022 02:59:04 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 39ms
38ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1663124351308&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&c8=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: i7mWwInpkjfXExh6xztyxvbPYft91AABXLwbW1vEsjzUOsIxZ_CK8g==
x-cache: Miss from cloudfront

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 48ms
47ms Script
application/x-javascript 2600:9000:236e:8c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:52:45 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:51:11 GMT
server: nginx
age: 378
etag: W/"62d7517f-1181e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: MEzQ6RbO805i9SVJVFEVolW9ICEXJYCqYHV6Z00QSMNBhbJAjJo8nA==
expires: Wed, 14 Sep 2022 04:52:45 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 253 B
540 B 153ms
42ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bharian.com.my&domain=bharian.com.my&path=%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ac2648064ff9c66d9f4528ab60c104f0ac9451dcd2cb54ac3b394c229fef262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-cache-hits: 1
age: 1483
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 187
x-served-by: cache-ams21020-AMS
access-control-allow-origin: *
x-timer: S1663124344.092314,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 12 Sep 2022 02:34:20 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=UA-98696-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-330872026

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f56ccc6f38d0222f48e2a8ac98644eb007f3c9308f1da3c3e6661409c90f89a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42224
x-xss-protection: 0
expires: Wed, 14 Sep 2022 02:59:04 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/330872026/ 42 B
548 B 97ms
50ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/330872026/?random=1663124351073&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=3987402324&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/330872026/ 42 B
64 B 130ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/330872026/?random=1663124351073&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=3987402324&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/330872026/ 42 B
108 B 97ms
51ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/330872026/?random=1663124351122&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=2014469122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/330872026/ 42 B
64 B 130ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/330872026/?random=1663124351122&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=2014469122&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 117ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Sep 2022 03:37:22 GMT

GET
H2 200 worker-new.html Show response
bharian.api.useinsider.com/ Frame 60C3 8 KB
3 KB 50ms
49ms Document
text/html 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bharian.api.useinsider.com/worker-new.html
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11b762d8970d24fb363fd01415e89647b04c5ec0d52f55576d47cbbe638b9d8

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 647
cache-control: public, max-age=1382400
cf-cache-status: HIT
cf-ray: 74a5dd4e5d4290c7-FRA
content-encoding: br
content-type: text/html
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Fri, 30 Sep 2022 02:59:04 GMT
last-modified: Mon, 12 Sep 2022 20:54:46 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 log.png
sentinel.api.useinsider.com/ 34 B
406 B 61ms
52ms Image
image/webp 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sentinel.api.useinsider.com/log.png?s=TypeError%3A%20URL%20is%20not%20a%20constructor%0A%20%20%20%20at%20g._hostIsInOne%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A164134)%0A%20%20%20%20at%20g._getAbts%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A163988)%0A%20%20%20%20at%20g._getAbts%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A289902)%0A%20%20%20%20at%20g.isSkeletonParameterValid%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A161631)%0A%20%20%20%20at%20g.isSkeletonParameterValid%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A289902)%0A%20%20%20%20at%20B.boot%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A59940)%0A%20%20%20%20at%20s%20(https%3A%2F%2Fbharian.api.useinsider.com%2Fins.js%3Fid%3D10001947%3A1%3A52363)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4975
cf-polished: origFmt=png, origSize=68
x-cache: Hit from cloudfront
content-disposition: inline; filename="log.webp"
content-length: 34
last-modified: Tue, 28 May 2019 11:22:43 GMT
server: cloudflare
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
vary: Accept
content-type: image/webp
expires: Wed, 14 Sep 2022 03:04:04 GMT
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 74a5dd4e6d4790c7-FRA
x-amz-cf-id: GUcM3gbRBluwwAOJmhdeBx7oCYiyX416X1EJfmhoUUuucpR0yakfHg==
cf-bgj: imgq:85,h2pri

GET
H3 200 884209658375988 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/884209658375988?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19c9a39538558408ae0d68dc2025304bce00a82a6e7e1218529112c819f1be1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Yy2GI6o7vcSZ+Z/tyLqsbQKujjpWPGWzBH+KJkz3gtAlf7ANCTm/XqASnpMUmT6eYR2UrQIH0nPW18OXBY2j2g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 02:59:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 79ms
37ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=232088944879946&ev=PageView&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&rl=&if=false&ts=1663124351438&sw=1600&sh=1200&v=2.9.79&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1663124351203.49642840&it=1663124350914&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 02:59:04 GMT

GET
H2 200 166312435147442ed8ec0b0.aa7b5d64 Show response
segment.api.useinsider.com/v4/segments/ 927 B
765 B 171ms
81ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/166312435147442ed8ec0b0.aa7b5d64?partnerid=10001947&fields=58f836c50123bb4967ff1e9953036542,2f0beb66732fe6cb577639c375e70756&
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede736874c54a33e484f3dc30563098b2621babf90027a864118639c2af04455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 74a5dd4f3c9868fd-FRA

GET
H2 200 / Show response
location.api.useinsider.com/ 248 B
1 KB 163ms
74ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10001947&
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61266fb44d6958b3914c58706a9b6335df703b29eddfba6a940f06f5e74cfaf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=B_C_kWvN6xUEfCANGF1egMvOuZffzXm9V3KT9ImKBAY-1663124344-0-AQFANBeUDwhyraAiIZGJPh5NWNY4Jz8ZcSte0zTTXj5DaT7XHuHwfyA2rL3GvZBeVSClYGOOHvbgOiBhcRgel15Dckp5vS9DgzHmPLyMRr1G; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=B_C_kWvN6xUEfCANGF1egMvOuZffzXm9V3KT9ImKBAY-1663124344-0-AQFANBeUDwhyraAiIZGJPh5NWNY4Jz8ZcSte0zTTXj5DaT7XHuHwfyA2rL3GvZBeVSClYGOOHvbgOiBhcRgel15Dckp5vS9DgzHmPLyMRr1G"}],"group":"cf-csp-endpoint","max_age":86400}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 74a5dd4f48e890e8-FRA
content-type: application/json

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
139 B 82ms
73ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInJlZmVyZXIiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInVzZXJJZCI6IjE2NjMxMjQzNTE0NzQ0MmVkOGVjMGIwLmFhN2I1ZDY0IiwicGxhdGZvcm0iOiJ3ZWIiLCJjdXN0b21TZWdtZW50SWQiOjExLCJsb2dUeXBlIjoiaW1wcmVzc2lvbiJ9&t=cs&pn=bharian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a5dd4ecd8f90c7-FRA
content-length: 42
content-type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 383ms
128ms Image
image/gif 34.235.205.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bharian.com.my&p=%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&u=BnN2OYCuqYwGDDQNaJ&d=bharian.com.my&g=65124&g0=nasional&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3234&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3301&_s=%7B%22ga%22%3Anull%7D&t=DFPNkUDfn-2TD7gIR7B-_7r2D0USKU&V=136&i=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&tz=0&sn=1&sv=Bp56bQBntQem2HqGBDVICcj3PkDr&sd=1&im=0653044f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.205.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-205-35.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 69ms
68ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInJlZmVyZXIiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInVzZXJJZCI6IjE2NjMxMjQzNTE0NzQ0MmVkOGVjMGIwLmFhN2I1ZDY0IiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkQ3VycmVuY3kiOiIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiTTJJMFltSjFiSE10YVRGMU5TMTNiM2x0TFdSaE5UQXRhV056ZUhKNVpqZHdjVFl3WHpFMk5qTXhNalF6TlRFPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTY2MzEyNDM1MiIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImMxMjMiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=bharian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a5dd4f0dc290c7-FRA
content-length: 42
content-type: image/gif

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=UA-98696-4&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7024
date: Wed, 14 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 03:02:00 GMT

GET
H2 200 doktor.jpg
media.siraplimau.com/2022/09/ 76 KB
77 KB 182ms
92ms Image
image/jpeg 2606:4700:4400::ac40:9893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.siraplimau.com/2022/09/doktor.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc0736972e33c1690ed8b8b32784358465ca02f4173c36e9f09d0c4ed15741c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1938
cf-polished: origSize=89119, status=webp_bigger
x-guploader-uploadid: ADPycdv0fi-_7eXqpICHa1PRXovEz3pQb1LeUuTorrh1R2JLbSVliU23-F1w79XUVy7y8uO_oSwlNrUGnMTdAfLIubfn8D12otCb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78142
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 06:59:04 GMT
last-modified: Wed, 14 Sep 2022 02:14:49 GMT
server: cloudflare
etag: "910563955cbe72a7a6ba72ca5f5faf2b"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=BCFaNg==, md5=kQVjlVy+cqemunLKX1+vKw==
x-goog-generation: 1663121689040923
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
x-goog-stored-content-length: 89119
accept-ranges: bytes
cf-ray: 74a5dd4fd931bb7a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 6GkMGQDJ-BeFunky-collage-__-2-1.jpg
media.siraplimau.com/2022/09/ 113 KB
114 KB 136ms
47ms Image
image/webp 2606:4700:4400::ac40:9893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.siraplimau.com/2022/09/6GkMGQDJ-BeFunky-collage-__-2-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed9c47ba55f7cc6ca6310c2056e114b765435903265a3961bdbe937cbf5ea06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1938
cf-polished: origFmt=jpeg, origSize=143684
x-guploader-uploadid: ADPycdsbc8FRNx6lzmJgecdREbkTT2Dadyo7WmDSQkJ1FCcFrIh5trOdIzH0XY9gIDnYbDFibwZIyhh7fFM454MWcv1TDYbp9FnL
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="6GkMGQDJ-BeFunky-collage-__-2-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115620
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 06:59:04 GMT
last-modified: Tue, 13 Sep 2022 07:48:52 GMT
server: cloudflare
etag: "775ef4dfcdabf7735b096b7e9d4e0682"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=iwGk4Q==, md5=d170382r93NbCWt+nU4Ggg==
x-goog-generation: 1663055332495170
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-goog-stored-content-length: 143684
accept-ranges: bytes
cf-ray: 74a5dd4fd933bb7a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 MBPKWjF4-BeFunky-collage-__-4.jpg
media.siraplimau.com/2022/09/ 80 KB
80 KB 179ms
90ms Image
image/webp 2606:4700:4400::ac40:9893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.siraplimau.com/2022/09/MBPKWjF4-BeFunky-collage-__-4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2959a137e1161478a7bfa3cd2d39fb9e83c5b17ec8af64b0a355dad6deae124d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1938
cf-polished: origFmt=jpeg, origSize=107454
x-guploader-uploadid: ADPycduXWXd81nsUPKlOz272e03zAUzo3ON6iyRMy_dlEyiQ8Q8_HcOU8cRwBiyDrli7OS30uI1GTEuQ8jAAzflmmwzQig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="MBPKWjF4-BeFunky-collage-__-4.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81668
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 06:59:04 GMT
last-modified: Tue, 13 Sep 2022 06:20:16 GMT
server: cloudflare
etag: "f1f1ba9209bece48b91567cd862cf546"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=za8o3w==, md5=8fG6kgm+zki5FWfNhiz1Rg==
x-goog-generation: 1663050016733853
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-goog-stored-content-length: 107454
accept-ranges: bytes
cf-ray: 74a5dd4fd934bb7a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 UBAT-STAPLER.png
media.siraplimau.com/2022/09/ 223 KB
224 KB 181ms
93ms Image
image/webp 2606:4700:4400::ac40:9893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.siraplimau.com/2022/09/UBAT-STAPLER.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d96fec0238c8cac6f3c8924c5d89978feec8a07f2f45bcc7dbeceebb42e71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1031
cf-polished: origFmt=png, origSize=368519
x-guploader-uploadid: ADPycduwfsgwidvfTVe8YoxLfz2HQBuVOegQsmLVypPGvp-5F_xcAPwZxWoxq7GFRM2V0dVWBbxOqgQc53AB8vkcoST2scr_1wHS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="UBAT-STAPLER.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228842
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 06:59:04 GMT
last-modified: Tue, 13 Sep 2022 06:13:04 GMT
server: cloudflare
etag: "3beffdd70f4d5a5350e8f3dfadcf5813"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=aIXemw==, md5=O+/91w9NWlNQ6PPfrc9YEw==
x-goog-generation: 1663049584791706
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-goog-stored-content-length: 368519
accept-ranges: bytes
cf-ray: 74a5dd4fd935bb7a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Screenshot-2022-09-13-at-11.36.52-AM.png
media.siraplimau.com/2022/09/ 229 KB
230 KB 180ms
92ms Image
image/webp 2606:4700:4400::ac40:9893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.siraplimau.com/2022/09/Screenshot-2022-09-13-at-11.36.52-AM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb694a246195c56aa60a2331254baef94bdab4e17969eeac83ac47f2eda7396c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 534
cf-polished: origFmt=png, origSize=435068
x-guploader-uploadid: ADPycdviKvDAqje94ReaditS-LhNvzPzAr_9kk1J88L26LA5U7gt9Yle7vIB5ncrg_yE4Qw49c0vTNgGKgv1NkVttu2_h3jw97v8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="Screenshot-2022-09-13-at-11.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 234680
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 06:59:04 GMT
last-modified: Tue, 13 Sep 2022 03:37:08 GMT
server: cloudflare
etag: "7e991e0bd1b1412e6d7f0fb638de84b3"
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=iR1kww==, md5=fpkeC9GxQS5tfw+2ON6Esw==
x-goog-generation: 1663040228706616
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-goog-stored-content-length: 435068
accept-ranges: bytes
cf-ray: 74a5dd4fd936bb7a-FRA
cf-bgj: imgq:100,h2pri

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 147ms
50ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=552119128&gjid=1600986860&_gid=1755395758.1663124351&_u=aCDAgQAjAAAAAE~&z=507564227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 02:59:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=375007276&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ul=en-us&de=UTF-8&dt=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=Set%20Client%20ID&_u=aCDAgQAj~&jid=552119128&gjid=1600986860&cid=284938708.1663124351&tid=UA-98696-4&_gid=1755395758.1663124351&gtm=GTM-TPSJR8&cd18=1663124351063.7hhdlyf&cd19=2022-09-14T02%3A59%3A11.63%2B00%3A00&cd20=article&z=1435057446

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 18:55:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=375007276&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ul=en-us&de=UTF-8&dt=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgQAjAAAAAE~&jid=&gjid=&cid=284938708.1663124351&tid=UA-98696-4&_gid=1755395758.1663124351&gtm=GTM-TPSJR8&cd5=no&cd6=n%2Fa&cd7=editorial&cd8=n%2Fa&cd9=n%2Fa&cd10=n%2Fa&cd13=2022-09-14&cd14=09%3A57%3A36%2B08%3A00&cd15=n%2Fa&cd18=1663124351080.sqntqrrc&cd19=2022-09-14T02%3A59%3A11.80%2B00%3A00&cd20=article&z=1866085677

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 18:55:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=375007276&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ul=en-us&de=UTF-8&dt=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=%5BD%5D%20Track%20Article%20Page-impressions-custom&el=(builder%20ID%3A%205448)%20-%20Variation%20Ratio%3A%20100%25&ev=0&_u=aDDAgQAjAAAAAE~&jid=&gjid=&cid=284938708.1663124351&tid=UA-98696-4&_gid=1755395758.1663124351&gtm=GTM-TPSJR8&cd18=1663124351063.7hhdlyf&cd19=2022-09-14T02%3A59%3A11.63%2B00%3A00&cd20=article&z=1890828596

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 18:55:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET 284938708.1663124351
recsysbh.nstp.com.my/articles/ 0
0

GET
H3 200 BHSOLTANAH2_BHfield_image_listing_featured_v2.var_1659415424.jpg
assets.bharian.com.my/images/articles/ 54 KB
55 KB 74ms
74ms Image
image/jpeg 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHSOLTANAH2_BHfield_image_listing_featured_v2.var_1659415424.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3ab12efcbb08f4ab0d942bd23b8c3009ca60b01903625517375d00a4823bfa

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: origSize=57890, status=webp_bigger
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdv-zuId43cn3TcThcG4Jf5UlldQc646Y8S8afb9eDbwUIrG-KM5GpRLezodzC6iD4wrRIEZjrkY-Z0lPM4h9X_DkKUYP67_
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55241
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Tue, 02 Aug 2022 04:43:44 GMT
server: cloudflare
etag: "e9d111fa5de90e9ef74da29aa7bab885"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=0gWPkg==, md5=6dER+l3pDp73TaKap7q4hQ==
x-goog-generation: 1659415424430813
access-control-allow-origin: *
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=3600
x-goog-stored-content-length: 57890
accept-ranges: bytes
cf-ray: 74a5dd500d579b9e-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 bhsantapan29-o_BHfield_image_listing_featured_v2.var_1656513353.jpg
assets.bharian.com.my/images/articles/ 68 KB
69 KB 87ms
86ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhsantapan29-o_BHfield_image_listing_featured_v2.var_1656513353.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbd6b77c6c60a93119c9bd30d30a80ca441f8eef93f276a526b2175c69dbc4d

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=120103
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdvZymS2lp_YD-fELm_YdT2BLLxL-YM_IY2cK8eQZ26dp45tqk5Lfs9WcfnlZjM99CzwUrQ77ktRFAk76e5R7a4kME1qA8Z8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhsantapan29-o_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70098
x-xss-protection: 1; mode=block
cf-ray: 74a5dd500d5a9b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Wed, 29 Jun 2022 14:35:53 GMT
server: cloudflare
etag: "2eba02434865649dd6fc7da6401332a8"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=noggUg==, md5=LroCQ0hlZJ3W/H2mQBMyqA==
x-goog-generation: 1656513353740249
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 120103
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 bhdoa29-o_BHfield_image_listing_featured_v2.var_1659110058.jpg
assets.bharian.com.my/images/articles/ 97 KB
97 KB 90ms
89ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhdoa29-o_BHfield_image_listing_featured_v2.var_1659110058.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3f0a7ca425355deec908e5fd2a3c88d1bfaaf83b007b4537e96d862dfd254f

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=152776
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdvuVvMdLXmTXG0fOIsDjBLGAWI_GPSrY9RH56LqWInzf3-vfmdl8NrXSAC_mCCbqyeCaQEPPITG_7raKqIERcndbTrj0hTs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhdoa29-o_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98896
x-xss-protection: 1; mode=block
cf-ray: 74a5dd500d5c9b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Fri, 29 Jul 2022 15:54:18 GMT
server: cloudflare
etag: "bbdf814f0400844e630c5e3bd0f367cb"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=CW0G1Q==, md5=u9+BTwQAhE5jDF470PNnyw==
x-goog-generation: 1659110058141737
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 152776
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 BHSULTANMIZAN9-O_BHfield_image_listing_featured_v2.var_1646808974.jpg
assets.bharian.com.my/images/articles/ 120 KB
121 KB 133ms
132ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHSULTANMIZAN9-O_BHfield_image_listing_featured_v2.var_1646808974.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa81b9d802fddc9b7ed4a6c5d0bc29da5ec62ab28b3d0bf4a92c68911d183773

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=173593
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdt6ugBBiCoe-WiqXPViKN1GYzeDRVo6Xu-_-sZ4ULVUy5YXyIlwgqpnbG-AA8LfX7b2SDrf4Epq-1ew-lvwH-kWcr-IWYeE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="BHSULTANMIZAN9-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123020
x-xss-protection: 1; mode=block
cf-ray: 74a5dd500d5d9b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Wed, 09 Mar 2022 06:56:14 GMT
server: cloudflare
etag: "27ee38c8db0229dfd1d0f8a16d37eef6"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=3p+jKw==, md5=J+44yNsCKd/R0PihbTfu9g==
x-goog-generation: 1646808974528609
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 173593
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
352 B 80ms
72ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 68bb14be-e2a3-417d-a868-4d7263e1d0ce
cf-ray: 74a5dd5039a190e8-FRA
content-length: 16

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 184ms
57ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
458 B 138ms
51ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a9c683dafadb4dff62ad2365f4e23deae7a8e7ae27e63000862c3402d8e16c03

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 arj Show response
mediaprima-d.openx.net/w/1.0/ 73 B
145 B 168ms
66ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a12a9e48-9e0e-42d6-8c9b-6033e038270a&nocache=1663124351725&aus=728x90&divids=div-gpt-ad-1405571653366-0&aucs=%252F1009103%252FBH_728x90_b&auid=543531558
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3baf20d2589d4ba9089fdcb3458dc3a6fa96f151008716f76717f5cbe73b85f4

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bharian.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 137ms
40ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b792384b-4634-4470-a163-d1e2a0332117
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
296 B 167ms
50ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a969590018080195ac21b8d64320040&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b169662984de349300d8cfbb1e50911ac500a09470d0c46af5c2ccf4274e2aea

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
309 B 153ms
54ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503584&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211cbb08bf29ae83%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221213bd60119e46f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22503584%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1009103%2FBH_728x90_b%22%2C%22gpid%22%3A%22%2F1009103%2FBH_728x90_b%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d94a4117dbe4e575b62924b9ce6aa28a70749caa68516fe61d5c457d9a85b

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRQkZxviy8iT5Lfw4b4yivXd7gB4TMqJ2HTiKDb1rmTxbqvSLzDiKigCZD4%2B%2Bm9YW%2BmKnozneyqK6aFiDAG0ZJW2v98344RySrMuZcfKlEiFs3XAcID1rNbsI3UAYgGeflrUMnzE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74a5dd50fc869c06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 219ms
55ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 197ms
85ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
319 B 127ms
52ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a606a3fc9f38f290f36d92f1abc30c8f6d44a2e66afcafc7393a7715c262958d

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 127ms
40ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e7669b8-94e8-4106-b91c-8daca1c2d9ff
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
mediaprima-d.openx.net/w/1.0/ 73 B
145 B 153ms
65ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4ba9b686-2370-4c16-8dd9-df7edbf9f718&nocache=1663124351739&aus=300x250&divids=div-gpt-ad-1405571729893-0&aucs=%252F1009103%252FBH_300x250&auid=543531561
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: eb9b3cf4136ff3089572baf0b8db352d50463c7879ded5b9b42bb373a144cf11

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bharian.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
571 B 139ms
52ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503585&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222328921b71418a5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22243501c512fdd08%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22503585%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1009103%2FBH_300x250%22%2C%22gpid%22%3A%22%2F1009103%2FBH_300x250%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68d78fe9e56fb4a1f8bd3d5654ecb38d8fb0ab7f1d9ab49197dab2624b1e7b8

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqnFXhsWB%2F5QZfv9LoWVuLv11B5sOIflXjhNW4bqNVVbKcqI7cN4ssTFqkSpHHrmWxvVQZpTP1UyAy%2FxZ%2Br1pDsq3GqO%2B%2FlmWtheVjSn3N1Vog9I3to85TzkgRaSfCuZioHasdBi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74a5dd50fc879c06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 207ms
54ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 219ms
117ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a9691770180801956081b8dd88d0045&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a5b229fb2b7ae35e96a918f84a597b1867485d856817cf469be30074f5d4adc8

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 190ms
88ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
307 B 133ms
53ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503586&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22314cc2ccdf470b3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232cc1eaf22f95ff%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22503586%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1009103%2FBH_300x250_b%22%2C%22gpid%22%3A%22%2F1009103%2FBH_300x250_b%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce43624ffdb99bdc47832e7320a1b19463fa4d596a49a833f3d361a3c6486c16

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNHdddV35w4ys7Ltx9R%2FoNwakRCHJdpJuT4HUT9Cak2JfJQjq23TVSPlZOXS2lG9BwHdaLKxVWqgfRkgAp4N3A7DO%2BJ7J0iPeXbayx01ou9eNOn0avdgpwlpNOdpBYGloKuQ14Fn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74a5dd50fc889c06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 177ms
83ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
112ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a969590018080195ac21b8e46fa0041&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5e5923f83079634a7407732c48932d4c9dac3aafc2e7855d65196d2d556e693b

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
319 B 110ms
52ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e82620c6d8f8684ea8481ef85364d4e219a2463569113cc4168220cb5516d3d

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 arj Show response
mediaprima-d.openx.net/w/1.0/ 73 B
381 B 134ms
60ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3815d37d-9198-49be-935d-63dbb6882272&nocache=1663124351753&aus=300x250&divids=div-gpt-ad-1405571790350-0&aucs=%252F1009103%252FBH_300x250_b&auid=543531565
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e552c20e58ff0ad3500c9fe9d901df855594dce5d249b6a2060b7c740847fdc3

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bharian.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 115ms
37ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e2768cf5-67f0-4c64-b719-6604b042050a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 194ms
55ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST hb
heartbeat-api.mediaprimaplus.com.my/ 0
0

OPTIONS
H2 204 hb
heartbeat-api.mediaprimaplus.com.my/ Frame 0
0 482ms
368ms Preflight
text/html 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartbeat-api.mediaprimaplus.com.my/hb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bharian.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74a5dd517a35698f-FRA
content-type: text/html
date: Wed, 14 Sep 2022 02:59:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 9510f2a3e73a094625998c4e4ecb9797
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 BHANNUAL7-O_BHfield_image_listing_featured_v2.var_1662543046.jpg
assets.bharian.com.my/images/articles/ 21 KB
21 KB 61ms
59ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHANNUAL7-O_BHfield_image_listing_featured_v2.var_1662543046.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd81b4a2c81ef1e4bb8aae80b902ca0fc2f33b2365c066d9325a427b6f929086

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 44053
cf-polished: qual=85, origFmt=jpeg, origSize=53708
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycduwEPjxxyPemfYVwD1rTweQ_54zECn0pbZHrtkUoCZ6hXiMwiNoq-D2QymmPuHMEgJjpsWGwiYypYPBIVYcGgRfTw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="BHANNUAL7-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20992
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e6f9b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Wed, 07 Sep 2022 09:30:47 GMT
server: cloudflare
etag: "baf6df714a4c6ec00a86c6a9ada78666"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=lYEtVw==, md5=uvbfcUpMbsAKhsapraeGZg==
x-goog-generation: 1662543047619994
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 53708
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 bhcindian7-O_BHfield_image_listing_featured_v2.var_1662513894.jpg
assets.bharian.com.my/images/articles/ 52 KB
52 KB 53ms
51ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhcindian7-O_BHfield_image_listing_featured_v2.var_1662513894.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fbc7c99d52978bf1aa0fad91bfd30a11eba1b7cc685ae99f5930257c9d70fde

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 13114
cf-polished: qual=85, origFmt=jpeg, origSize=91867
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdulXmUT1c1kXt2-9pwxkvkLFUvPelQzm7qDRoTk1sr2cn7GirL8VKYMFs8K0_6olBIZvRbsrgOhuAQXMhN7KLdW7bwyeH_V
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhcindian7-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52786
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e709b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Wed, 07 Sep 2022 01:24:54 GMT
server: cloudflare
etag: "7dfb84f6b35b2bfd193834ddffce289b"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=TJLLRA==, md5=ffuE9rNbK/0ZODTd/84omw==
x-goog-generation: 1662513894687741
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 91867
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 bhrekod16-o_BHfield_image_listing_featured_v2.var_1657958673.jpg
assets.bharian.com.my/images/articles/ 22 KB
22 KB 58ms
57ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhrekod16-o_BHfield_image_listing_featured_v2.var_1657958673.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da05ad9f7303211758f87d98708f7ea7142267e9b5a98f6237a12566bd6b77b

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 23276
cf-polished: qual=85, origFmt=jpeg, origSize=61642
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycduH2EjrN8_jJU0UiOYVYAjDHIwbUy1nCK_8o06FtY1Vtwr56_vpoL4YpxOs7g93CujkCx6UJY1GG6mcyXdxs_siwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhrekod16-o_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22296
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e729b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Sat, 16 Jul 2022 08:04:33 GMT
server: cloudflare
etag: "c1414967fe9fe5f9d73b17189e74d62d"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=UKtB+g==, md5=wUFJZ/6f5fnXOxcYnnTWLQ==
x-goog-generation: 1657958673035828
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 61642
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 bhpanvac15-O_BHfield_image_listing_featured_v2.var_1657858524.jpg
assets.bharian.com.my/images/articles/ 6 KB
7 KB 62ms
60ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhpanvac15-O_BHfield_image_listing_featured_v2.var_1657858524.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b24897de9588e4f2d70b17fe6a98040866885cd9871707a46e7e6fa6439f545

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 62708
cf-polished: qual=85, origFmt=jpeg, origSize=14511
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdugT0zDVPa7yLiXb4PkE7qXWLjuuaS9ie61Cpdfcko0F-JRRlR-0VnqvB-vcLhEtzpSZU8BCBxhgFNWmjhstnCe_A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhpanvac15-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6090
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e739b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Fri, 15 Jul 2022 04:15:24 GMT
server: cloudflare
etag: "7e408adce31c901786d7911d99997693"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=xnzKfg==, md5=fkCK3OMckBeG15EdmZl2kw==
x-goog-generation: 1657858524534191
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 14511
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 bhvacbaby15-O_BHfield_image_listing_featured_v2.var_1657846770.jpg
assets.bharian.com.my/images/articles/ 17 KB
18 KB 61ms
59ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/bhvacbaby15-O_BHfield_image_listing_featured_v2.var_1657846770.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7343cd1696f0bb61058c17bbd4f4431036e21d737cc29f67b7703006ea567776

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 85606
cf-polished: qual=85, origFmt=jpeg, origSize=44134
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdutxI-OGtEjCKPiL-mtGvqyvJ7nJ2164ocgvCUu0uk0s5VUYXvV6s8DZIG21JJ2cv9bkQ2QoJ-Q15AccDGxfVNzLWY9_ePW
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="bhvacbaby15-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17470
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e749b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Fri, 15 Jul 2022 00:59:30 GMT
server: cloudflare
etag: "96a9ddc6284fb4a688e76f6fc27d8def"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=xdn4hg==, md5=lqndxihPtKaI529vwn2N7w==
x-goog-generation: 1657846770769110
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 44134
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 BHVAKSINUS30-O_BHfield_image_listing_featured_v2.var_1656571514.jpg
assets.bharian.com.my/images/articles/ 21 KB
22 KB 64ms
63ms Image
image/webp 2606:4700::6812:15f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bharian.com.my/images/articles/BHVAKSINUS30-O_BHfield_image_listing_featured_v2.var_1656571514.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a4d8e432a0bb4b178a03bc9a9c6c4929bcf754cb84160e6ca0a87619943689

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 23229
cf-polished: qual=85, origFmt=jpeg, origSize=221291
access-control-expose-headers: Content-Type
x-guploader-uploadid: ADPycdsb5c86uvrwiSU3sR4kzvxz3ERztgXZNhI3X4tiP4XZ4fBYwf8p36aSFVIyEjBxY-cDOwfjXv0LMKwddt2m4_kVSQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="BHVAKSINUS30-O_BHfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21556
x-xss-protection: 1; mode=block
cf-ray: 74a5dd512e759b9e-FRA
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 14 Sep 2022 03:59:04 GMT
last-modified: Thu, 30 Jun 2022 06:45:14 GMT
server: cloudflare
etag: "b63fc39f94aa72d61d6509a739a77e46"
x-frame-options: allow-from http://digital.nstp.com.my/
x-goog-hash: crc32c=Ubh9pQ==, md5=tj/Dn5SqctYdZQmnOad+Rg==
x-goog-generation: 1656571514538159
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=3600
x-goog-stored-content-length: 221291
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 138ms
50ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=552119128&_u=aCDAgQAjAAAAAE~&z=1966821735

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 53ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=552119128&_u=aCDAgQAjAAAAAE~&z=1966821735

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 62ms
51ms Stylesheet
text/css 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/opt-in-dialog.css

Requested by

Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47822
cf-polished: origSize=4371
cf-bgj: minify
x-xss-protection: 1
pragma: public
last-modified: Mon, 12 Sep 2022 20:54:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"631f9c96-1113"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 74a5dd514efb90c7-FRA
expires: Sat, 17 Sep 2022 02:59:04 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 19 KB
6 KB 67ms
55ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce2d9e4f37945d460ffdf2bc2baf2fb3913e1f924b111a742f968b3b30c4f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Sep 2022 11:11:49 GMT
server: cloudflare
age: 6395
etag: W/"c8d49bf3fae5b61890a370b14c3e0c96"
vary: Accept-Encoding
x-amz-version-id: Dg39s_mAkZyP_XP7sghZys2vMkQV3G2n
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 74a5dd514efc90c7-FRA
x-amz-request-id: X9HWV10R2V4AR1JB
x-amz-id-2: AghLo1vHJ0Wjq80zc2rJsVnJ0gMSTbEZr7KQCY16lbYWme9j+7qrd2Y3G2P+QxT1yuoTRKnHcJQ=
expires: Wed, 14 Sep 2022 03:04:04 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
298 B 80ms
75ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: bharian.api.useinsider.com
URL: https://bharian.api.useinsider.com/ins.js?id=10001947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 37ae32df-4c8c-449f-b74f-11335cb0d8c4
cf-ray: 74a5dd513a4f90e8-FRA
content-length: 16

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/ 2 KB
1 KB 204ms
123ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=1663124351875&cv=9&fst=1663124351875&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7679e159acf67586a8982e9f57acb0e89f321762914741f09313fe78f0bd9f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2A5C 0
15 B 39ms
37ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.bharian.com.my
Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bharian.com.my
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:04 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 135ms
135ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a969590018080195ac21b9068b70046&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e292008636fcf6278f40e12cf30751a8f3d0efba13c7161136bcc24bed3bafde

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 56ms
55ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 47ms
46ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 49a09be95f9462eebd0c8fa0575b47e2653ad8cc99d2124e036a234f83546405

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 76ms
75ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 37ms
37ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0abc76d2-1696-4551-868d-f81ca168ea59
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
251 B 216ms
71ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 14 Sep 2022 02:59:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 154ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bharian.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 151ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bharian.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 666 B
420 B 194ms
116ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=1689143521253109&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_Outofpage&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=78959647&sfv=1-0-38&ists=1&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D66e7488de09a0ee%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352013&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=0&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=1600x1200&msz=0x0&fws=128&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d90c8433a5f254c4124af5eae37bb22e32ecb8bd1930bdd15e2ba2f1d59739e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 164ms
50ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

593bca57d34b3fb3085cae42a2fa02f91c86fdd38a64ce14514e044eac1ceb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11138
x-xss-protection: 0

GET
H2 200 container.html Show response
c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F094 6 KB
4 KB 162ms
44ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Thu, 14 Sep 2023 02:59:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 51ms
50ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:03 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 47ms
47ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 500f223b1adcbfbe3c4737565c3ffa89b71db15b88cf01479185954d348f13d6

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3 200 arj Show response
mediaprima-d.openx.net/w/1.0/ 73 B
101 B 98ms
53ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=40490fc0-fe4a-4be4-8003-70b659f34dc3&nocache=1663124352029&aus=970x250%2C970x90%2C728x90&divids=div-gpt-ad-1405572266072-0&aucs=%252F1009103%252FBHWeb_Billboard_Homepage_970x250&auid=543531574
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 12946be1b877c0e634b3790e0f3cba696b728aa34860f5f535636e5198ea65e9

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bharian.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 41ms
40ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5bed51ab-261e-43b9-9458-00925622b255
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 141ms
140ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a9691770180801956081b8fb7c30047&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: be21a3516c863878c018795c6ef672601c36a9e8684f793a536d3c618f1cbcd4

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 81ms
80ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
539 B 97ms
53ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503589&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22699466a21b64945%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270186fe583ff842%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22503589%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22503589%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22503589%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1009103%2FBHWeb_Billboard_Homepage_970x250%22%2C%22gpid%22%3A%22%2F1009103%2FBHWeb_Billboard_Homepage_970x250%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb3315722347355c2ff15eecc077a64badd1b07751d5fb155cfd6707dfb100c

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsVI9aI4L4tl7z2a39W6zE%2BWfXddP6nYTgQlC3cbCxj46TMkoRHgPiYkyesPTGIBTJwKnEHbyXaLYphOrco02MQQy6eJCiQ9kmytZK9lklOAg77qNXKof61nNFkFKz9jB7KibZ7k"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74a5dd5288109b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 89ms
89ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 38ms
38ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9ed3ba10-8e07-4a87-a955-c1fd9db35914
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 52ms
51ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/ 2 KB
1 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/330872026/?random=1663124352062&cv=9&fst=1663124352062&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&auid=1912672954.1663124351&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abb4fae0206d72fe17da19202c17a197e18365ddce4d0aceb45c1ee06f31db9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7FF2 0
15 B 38ms
38ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.bharian.com.my
Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bharian.com.my
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:04 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B32D 52 KB
17 KB 127ms
37ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 80451
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1108604
X-Served-By: cache-lga21939-LGA, cache-hhn4068-HHN
X-Timer: S1663124345.805315,VS0,VE0

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 59D5 0
80 B 60ms
48ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 14 Sep 2022 02:59:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame FBFA 3 KB
2 KB 190ms
37ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 97AC 0
91 B 55ms
46ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 14 Sep 2022 02:59:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA8C 15 KB
6 KB 39ms
37ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=143636
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 15 Sep 2022 18:53:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 58AA 21 KB
8 KB 149ms
61ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

17685d159b2a31c3a264538a08d0f9b7ac4327472c58b972548c55ad916f64de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7825
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Fri, 16 Sep 2022 02:59:04 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2E18 52 KB
17 KB 112ms
36ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 80451
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1067161
X-Served-By: cache-lga21939-LGA, cache-hhn4032-HHN
X-Timer: S1663124345.807215,VS0,VE0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 24D5 3 KB
2 KB 177ms
38ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 1A6B 0
80 B 47ms
46ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 14 Sep 2022 02:59:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4BEB 15 KB
6 KB 38ms
37ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=143636
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 15 Sep 2022 18:53:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6D1E 21 KB
8 KB 141ms
63ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

17685d159b2a31c3a264538a08d0f9b7ac4327472c58b972548c55ad916f64de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7825
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Fri, 16 Sep 2022 02:59:04 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 009E 3 KB
2 KB 169ms
37ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 589C 52 KB
17 KB 118ms
43ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 80451
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 14 Sep 2022 02:59:04 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1062673
X-Served-By: cache-lga21939-LGA, cache-hhn4030-HHN
X-Timer: S1663124345.818714,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DECA 15 KB
6 KB 42ms
37ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=143636
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 15 Sep 2022 18:53:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4AE0 21 KB
8 KB 134ms
63ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKXW7J4&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

17685d159b2a31c3a264538a08d0f9b7ac4327472c58b972548c55ad916f64de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7825
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Fri, 16 Sep 2022 02:59:04 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1766 15 KB
6 KB 41ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=143636
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 02:59:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 15 Sep 2022 18:53:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 406 B
248 B 302ms
302ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=2185550940903304&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=1441408753&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D69f4ea95fbe9913%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352107&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=1010&adys=245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=405x3127&msz=300x0&fws=128&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d21f78711598d4c0d1b92d4d602aa0c235b911a5c0a26c53b08945d272f2a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 164ms
80ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=4394086445570543&vrg=2022090801&nw_id=1009103&nslots=12&eid=31069552%2C31069604&pub_url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 408 B
251 B 349ms
348ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=2932537241415744&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_300x250_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3677031915&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D67751d930ead105%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352121&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=1055&adys=714&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=405x3127&msz=300x0&fws=128&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e734b9e8ff583e040f9d9eed1fc94e066611d1d2bd575c28422f0b895fc626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 406 B
245 B 239ms
238ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=2835079770253967&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_728x90_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=412231658&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D689878f82880bc6%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352165&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=234&adys=2971&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=810x3127&msz=728x-1&fws=128&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75275de842deb2d0b94450046d236ac2d50188dc1296e1e08f445fe78c9fd56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 51ms
51ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 47ms
46ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKXW7J4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c7ac64f2c31b254839b8780001b86f0abe21b8e97b8c4201647876b623ed43e

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
115ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699fd0180800380c50897e5c40107&pos=8a9691770180801956081b8f26a70046&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3f554791436fbdf38fee385a669bfc13417e669a0dd84031f3171f0f9151e574

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
access-control-allow-credentials: true
content-length: 62

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
509 B 51ms
50ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503587&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2283474a821f317a1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22849da4156d65ddf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22503587%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22503587%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1009103%2FBH_Multisize_HouseAds%22%2C%22gpid%22%3A%22%2F1009103%2FBH_Multisize_HouseAds%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb18959d4cb4fd90f9cd26b3f146ad58f908f5b22ccd89125e1f3c2ccf6dffc2

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hU%2BUQkvVFZ2QfEfnBDF94t%2BDK4qS%2B9ViQKpN27%2Fm7Ucrc4B9A8rO7wfQj%2BqYV9wWZcp7CO9eECkxSJctLvN3yMMAj0ade1v8WvWzPRntMG6BAHoWIB7ge9mk054NIxBkgdbYkH5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74a5dd5328a59b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 70ms
69ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 37ms
37ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d1cfbaef-7cf0-4387-9c8f-14c3e388474a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
mediaprima-d.openx.net/w/1.0/ 73 B
101 B 51ms
51ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d3bc3546-866d-4c42-ac94-3ecedba7f1fc&nocache=1663124352178&aus=300x250%2C300x600&divids=div-gpt-ad-1497839032218-0&aucs=%252F1009103%252FBH_Multisize_HouseAds&auid=543531568
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c60a7006ece4856ff97fc18d5563cf9d1f78ad2fd4c34d3cda2888a7f3108a4b

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bharian.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 45ms
44ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 17 B
252 B 62ms
62ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9725890d097e04728161c29f833d9c02807b5b1d1f340cced4457117a2c8503

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bharian.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 43
expires: Wed, 14 Sep 2022 02:59:04 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 50ms
46ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:04 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fd4fec68-3e6c-4dcc-8a59-30547a6c7177
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bharian.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 48ms
47ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 51ms
51ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 398 B
240 B 88ms
87ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=1731567265841248&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=2187081723&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D71495e4a49a6f24%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352271&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=0&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=1600x1200&msz=1600x0&fws=0&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abac589feff1880ec5696db117750d3ac5708235f345ce3f99b01313e6c9afb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 266ms
266ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=3073418417161225&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBHWeb_Billboard_Homepage_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=6&adks=609881003&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D72c553c45f9c281%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352282&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=200&adys=237&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=1200x0&msz=970x16&fws=128&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b1b9d55329b3c3aabce7bdcd55984594b7ac8c4cc07d61f9590e1c0e3cefcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7990
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.40/ 54 KB
23 KB 401ms
400ms Script
application/javascript 2620:1ec:27::cafe:1686
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56lhfvmosw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1686 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0eEMhYwAAAADtkC2ZuvSJTYHNHjHZ8OkXRFhCMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&RedC=c.clarity.ms&MXFR=3C41C99AA12064DE1B9BDB85A5206AF9
https://c.clarity.ms/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&MUID=1A3FBB5908F461BB1968A946097F6026

42 B
368 B

54ms
54ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&MUID=1A3FBB5908F461BB1968A946097F6026
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1F03410BF6345178773B5C9789C1DEA Ref B: FRA31EDGE0516 Ref C: 2022-09-14T02:59:05Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E133AA47C40843B7AE744C95F101D302&MUID=1A3FBB5908F461BB1968A946097F6026
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 view Show response
r-log.dable.io/s/bharian.com.my/u/00000000.0000000000000/ 54 B
199 B 852ms
280ms Script
text/javascript 15.164.184.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/bharian.com.my/u/00000000.0000000000000/view?url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&lang=en-US&items%5B0%5D%5Bid%5D=1000045&items%5B0%5D%5Bc1%5D=nasional&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&cid=00000000.0000000000000&gdpr=1&z=135968&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.164.184.67 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-164-184-67.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 00000000.0000000000000 Show response
api.dable.io/widgets/id/1oVeOZXP/users/ Frame 8228 26 KB
5 KB 335ms
334ms Document
text/html 52.79.102.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.102.132 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-102-132.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e67cac166df605ae1fcf15472f567ce2a4310659c8f5600529c8168efc72bfcc

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 5361
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 14 Sep 2022 02:59:05 GMT
server: istio-envoy
x-envoy-upstream-service-time: 75

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220914%22,%22u%22:%2200000000.0000000000000%22%7D%7D

0
491 B

317ms
310ms

Image
text/plain

121.53.104.194
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220914%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Protocol

Server

121.53.104.194 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220914%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEOy2wZMK3-2C-AnPiHgoS9A&google_cver=1

35 B
207 B

879ms
269ms

Image
image/gif

13.125.31.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEOy2wZMK3-2C-AnPiHgoS9A&google_cver=1
Protocol: H2
Server: 13.125.31.135 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-125-31-135.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEOy2wZMK3-2C-AnPiHgoS9A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
884 B 1646ms
276ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr/idsync?pid=120&uid=00000000.0000000000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14-Sep-2022 11:59:05 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
607 B 1070ms
356ms Image
text/plain 103.243.202.190
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 02:59:05 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 150ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 143 KB
42 KB 310ms
309ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=4209113784833684&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=2961308992&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=pwtsid_pubmatic%3D737b2ca5f2ec0da%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663124352334&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1f818268d6d61b76493dac82bb678bb419f0d3fa9db7e7c5ecb83915b4797b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42787
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022090801.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022090801.js?cb=31069552

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a675ecfef5937c8c45a95db9566e42c79e8058b554901336974c399d6b53bbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13609
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Sep 2023 10:59:45 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 320 B
171 B 271ms
271ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=1777674348917809&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBHWeb_Island_Ad_Top_400x200&enc_prev_ius=%2F0%2F1&prev_iu_szs=400x200%7C300x250&ifi=8&adks=4175273752&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D703878ea5034a6a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie=ID%3D7d66ea0402fd8bc4%3AT%3D1663124344%3AS%3DALNI_MaZIUHF4IucfgoO_GjqUPZZm8qpQQ&abxe=1&dt=1663124352442&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=200&adys=2177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=795x1953&msz=400x0&fws=128&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5cf86d31ee5476f838269bc00302c32c40d1bbbbc1e277d80495792dddd6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
117 B 77ms
76ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInJlZmVyZXIiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInVzZXJJZCI6IjE2NjMxMjQzNTE0NzQ0MmVkOGVjMGIwLmFhN2I1ZDY0IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTY2MzEyNDM1MTQ3NDQyZWQ4ZWMwYjAuYWE3YjVkNjQiLCJsYW5ndWFnZSI6Im1zX01ZIn0%3D&t=w&pn=bharian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a5dd54d93990c7-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 77ms
76ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInJlZmVyZXIiOiJodHRwczovL3d3dy5iaGFyaWFuLmNvbS5teS9iZXJpdGEvbmFzaW9uYWwvMjAyMi8wOS8xMDAwMDQ1L3N1bHRhbmFoLWtlbGFudGFuLW51ci1kaWFuYS1wZXRyYS1idWF0LWtlbXVuY3VsYW4tcGVydGFtYSIsInVzZXJJZCI6IjE2NjMxMjQzNTE0NzQ0MmVkOGVjMGIwLmFhN2I1ZDY0IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjYzMTI0MzUxNDc0NDJlZDhlYzBiMC5hYTdiNWQ2NCIsImxhbmd1YWdlIjoibXNfTVkifQ%3D%3D&t=w&pn=bharian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a5dd54d93b90c7-FRA
content-length: 42
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/330872026/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/330872026/?random=1663124351875&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=2257548516&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/330872026/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/330872026/?random=1663124351875&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=2257548516&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DA8C 0
42 B 150ms
41ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35605634&p=121793&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=121793
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:03 GMT
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/330872026/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/330872026/?random=1663124352062&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=286793092&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/330872026/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/330872026/?random=1663124352062&cv=9&fst=1663120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9c0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&tiba=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&async=1&fmt=3&is_vtc=1&random=286793092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bharian.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bharian.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 297 B
149 B 75ms
75ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=3172147687398231&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_pixel&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&adks=388395667&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D77682c6b81eb87c%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie=ID%3D005c58d63011dbda%3AT%3D1663124344%3AS%3DALNI_MaFhU67rIKbCcnj65UjzgeWSO_bDg&abxe=1&dt=1663124352496&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=0&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=128&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c7d7db6a23936aadedb5fd8e15a980005426abde9c658340ea2925373ab44e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 312 B
162 B 81ms
81ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=2025943741949707&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_SiteTakeover_800x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=2673884859&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Dlisting%26pwtsid_pubmatic%3D75526dfe3c7cf3c%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie=ID%3D005c58d63011dbda%3AT%3D1663124344%3AS%3DALNI_MaFhU67rIKbCcnj65UjzgeWSO_bDg&abxe=1&dt=1663124352503&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=0&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=1600x1200&msz=0x0&fws=128&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f577f47130c0c218f3173def6ded60212af9708a36036848edf5d5a321e50733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 314 B
166 B 418ms
417ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=564838969633564&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_Multisize_HouseAds&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=11&adks=766040532&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D746289b8f74d1f2%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie=ID%3D005c58d63011dbda%3AT%3D1663124344%3AS%3DALNI_MaFhU67rIKbCcnj65UjzgeWSO_bDg&abxe=1&dt=1663124352510&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=1010&adys=714&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=390x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfefe1b8f188b58d1bd3b65c16376beca146ee07be4a56194ccf8691dc4e7a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame B32D
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

37ms
37ms

Script
text/html

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 696ab32b-d40d-4efc-84bc-518b01f8c576
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8cde56e1-7c48-42e9-ae31-893777f2c06d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 2E18
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

37ms
37ms

Script
text/html

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54fc461a-dfc6-4a86-adb9-4aacf3d03fca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6a767ec4-b85c-4873-8f1b-6224e87719be
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 589C
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

38ms
37ms

Script
text/html

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20f666d3-9ae2-42bf-b059-a49c255a7ec9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b60558f-5eda-429d-8afc-9ebf981a1afc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 8C10
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

158ms
59ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c2f92343a776d79dc6dd939ef2eba6fd8130da6cc6d3b643eb603eb2dd689f

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd56e8ffbbcd-FRA
content-encoding: br
content-type: text/html
date: Wed, 14 Sep 2022 02:59:05 GMT
dropped-udsids: 39|45|241|230|13|111|17|18
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32kq8OoWgdnUZJzH23nti5GH1%2BStzFWyHaJCeSzAuHYamcv7d8B1Uwq7B37iSpO8gjSfbv%2B7aSACJEMo6ry%2BCGN2LCwVcKOQUXdppMdcysLhOL19572zVlcDoESnfYIGwhlJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd55fa0e9177-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZIXRhODLQqmZgC10JbY5X%2BuWkiyqn9qih51ZQEpGSPyr%2Fg4zjU1k1d3KVlkpwZk7KzIB04%2FSVkNnn%2B7YgCzTw%2BqNxJOQE3iuwkaS6eGWeMD%2FE1wD8XvVv54KWeUMlVafb4Jp6%2BgKEB1TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 6402
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

154ms
57ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127eac3851dbb875efb39fee2247ac1164028a4924a2ae7435bf49d6fcee7c80

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd56e900bbcd-FRA
content-encoding: br
content-type: text/html
date: Wed, 14 Sep 2022 02:59:05 GMT
dropped-udsids: 39|241|45|230|17|40|123|64
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gitomuzky1SOLebmC3w8HKSzxGVgFRmyWTQA5F0NJtXJWTvKJ9AYJW0dDAmm5uPzeGzeb3XeqgVTma4Ni2HFRbXM2AHkDT6VnsaGI2DptcoXGzFOQWxFzMQGJN1S0AbiH5l4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd55fa0f9177-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdSQcapQHnephMrIz%2Bs43G46OkhErAQ3XM%2BvEo4EAvZpHGiXOinhODtys6qEP4Bcr%2B8WL91oLHdCa8Z684m%2B%2FOXqxQPTEzpZpM1U93hzYcNZajjMGdD5JtdA1kXJM7OpLv6%2FDRmaoshblA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame AF1D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

149ms
58ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67d523de52b863f63570f3ffa13614334520cc77c5a675180680b4e9592fb05

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd56e901bbcd-FRA
content-encoding: br
content-type: text/html
date: Wed, 14 Sep 2022 02:59:05 GMT
dropped-udsids: 45|241|39|230|195|46|8|24
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDbTMwFFcH0cwnPP8n95u3ZRnbSgB9BF42TORkiJe8NgtTVFBWHs0up7M9EXi2cRfyJuuYQJb23%2B5H3jHexKh7xyhCaL8Xvkq4LlbCB9MSrtmmDvCrBsXib4v6flObRYGyp7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a5dd55fa109177-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bbZLiCU%2BsLAz7BlpN4qmwID2p6iQxU59PVAtnnT%2FYCJd6qyBW%2FUp1LNtX3igmXNIDS56l%2B9J8jYq9f%2BYNxjFAO317ZM5r0ImbhM56Aq%2Ba1b%2BvLnX%2BZCf8GZQZcJkFlI2%2F7YLXuzEe2jXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 308 B
155 B 82ms
81ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4394086445570543&correlator=279542592256577&eid=31069552%2C31069604&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=1009103%2CBH_1x1_Programmatic&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=12&adks=3298717549&sfv=1-0-38&fsapi=false&prev_scp=site%3Dbh%26section%3Dnasional%26pos%3Darticle%26key%3Dsultanah%2520kelantan%2Cnur%2520diana%2520petra%2520abdullah%2CPKDK%2CIstana%2520Negeri%2520Kubang%2520Kerian%26pwtsid_pubmatic%3D76f40d8445f65d7%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=inskin_desktop_yes%3Dtrue%26lotauds%3D&sc=1&cookie=ID%3D6ae8ec69b26bbced%3AT%3D1663124344%3AS%3DALNI_MYh3czKGIOy-UMEHO5bXCStBVvs9A&abxe=1&dt=1663124352547&lmt=1663124332&dlt=1663124348305&idt=3312&adxs=200&adys=2110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&frm=20&vis=1&psz=795x1953&msz=0x0&fws=128&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=284938708.1663124351&ga_sid=1663124352&ga_hid=375007276&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7a641aabef08fd210be00002dd79144c5f78e46caaacb8ad2021d29806b9659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 92D5 13 KB
5 KB 117ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:04:56 GMT
expires: Wed, 13 Sep 2023 20:04:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5862 783 B
533 B 55ms
54ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cc15c8397f9c833d08e9cc7ef418024fcf98cca3d1ab51ba0c3696f4407b4f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KcHpszXHo-oScEj7hdfCPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-KcHpszXHo-oScEj7hdfCPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: Wed, 14 Sep 2022 02:59:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDA7 6 KB
3 KB 120ms
37ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Thu, 14 Sep 2023 02:59:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5862 0
0 147ms
71ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=4394086445570543&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 8228 830 B
865 B 38ms
37ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: YQ9CAH1B4C27WJYJ
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Date: Wed, 14 Sep 2022 02:59:05 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: dNKSyS7QHJsdTdTWbrWep01AyCAKd89jqhKOrS1KSAG6cjC7CApS/LNz8zbzOrtGXx3VvGKDUs4=

GET
H/1.1 200
OK widget.v2.min.css
static.dable.io/dist/ Frame 8228 13 KB
4 KB 76ms
38ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.v2.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: i1vBFAb888FUxvTqQ.wEtcmM5r9D8F30
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GPB0KH3X70A3NC
ETag: "229cc68f6258d0aa0bef6b143d748991"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Wed, 14 Sep 2022 02:59:05 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3373
x-amz-id-2: DVlYRSu7cXPH2d7rAIquNBLLLChGnH4a06ClpLZanXkHTaNJjMyCcmlHv1VwyzpvfV36Vbc6r2o=

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 8228 83 B
630 B 109ms
37ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Wed, 14 Sep 2022 02:59:05 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8228 95 KB
34 KB 134ms
36ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 20:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 20:10:53 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 8228 56 KB
18 KB 108ms
37ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 944146ef126e70cb54d0e7e925f81b68d9a7dc885a8b4f21adc5b684884f4e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: naPJNEOKHCrklou5HNv8dZuB4kbl.Hff
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 02:19:11 GMT
Server: nginx/1.20.0
x-amz-request-id: YY425E0GB60EPR3A
ETag: "32d556867498bb7efa5eab2be1c460fe"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Wed, 14 Sep 2022 02:59:05 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17721
x-amz-id-2: zEdkf99EDTsxogSzS2uajiUL5N4x7IeZNaJm3pNDnrm6hFQR3xOfoMDOa2Mp+63hibpXXymW6iQ=

GET
H3 200 css2
fonts.googleapis.com/ Frame 8228 7 KB
853 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Montserrat:wght@500&family=Roboto:wght@400;700&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

045902f4e6e115d34798bea5e41d2fe6ed040d2b8f1e3e822b410ea344e59311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 02:59:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 02:59:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H3 200 container.html Show response
c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED14 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bharian.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: Thu, 14 Sep 2023 02:59:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame 92D5 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:24:57 GMT

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 8228 661 B
1 KB 176ms
38ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.v2.min.css?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 16DB178742EEC089
Connection: keep-alive
Content-Length: 661
x-amz-id-2: zEYBbuAR9Qv465XZzNopbYoH3t8enMToI1eVKNd34kvlV8lBw6P9XxaNRSwsqJrgjR7RLeUFdas=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Wed, 14 Sep 2022 02:59:05 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CAF 0
16 B 50ms
49ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNXio2ZE-RpAS-sWS9pUhzvXlPvSqrPfhveLxzOl_eutGPfipM4XS_Nm7gHQ4qNjSotyNJm19Hc6fMf3pJ8e8KxDg0eYKQ

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CDA7 66 KB
30 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AvbcvTE2mcTD-kxRm4pCyoKKdUzrL-iKeI4Q8oGMnexHJQCyY_LntlFbMUFW0QiOYAHb-etAPhnY0tewpyFQlg4UKSQg&cry=1&dbm_d=AKAmf-DjRaERqgA0mM5kEk4BALHfDcvpNWmagGjdruwUmm9KH9mVN_CnCjUQYq1MmBaK4Mv9p935oGpME1yXFEvDnNi8jPYXjyZ3Cv2tYRkVC7f9F-UkbofwaePBPO2HKouXRxeVahUMgwM7quvFHnaSfR64sTqbURh5FpfBdDeOJ9DHSsIKfN6OOE8HLDmCuDwk9YOEvueWIzoUQ0ZVuO2UczsvnO1nuq6LzHPxw-q_Tfkf9LA3xhhFDaMz9hq1_BDLBsskoRyIcPXvv3Ff5sFpIkS8wFaizoyrq8Sl-bj-QUPfP5l1lz8uzz_RKGbeevQHe0IyQ49_-_lpvolEkBZGvdwrxSS0gOVwGYvDVg7wJALQZTbTYEdZ1Vn8vSUxumbfTfbrjMGDlvE4Kir3x_Gq6m33Eq9RS6mpCfK8xdumIx7XG5QSbZBcrAsC5kSjt23B2OGDGhITKFWyqBic8XmIsQB-QVLI4IvAARwdAb8lAmMwO3hoEXrp1MLKHpNyZ54BXM0qrl85x8E7f1SFBgcNFMgmYH6cj-vtq7jlDPC93RCHpd1tTV2PEG6oM8Bjo7dWZhQAPxOrmTWEtd4CjfbJkmY4hDK3I9BGaDfqe4KPl8UVuRF2inV-aD0wO_SuKqR8gPOdAcALH1rdQ8teQrMrnhCnpM6sRyPxPNbZ_N4zOo-Q3aajkpglAqPi_bZwcidEr5eYHLs9HSZOYwOeTfnQzZvt_XX56ui_DuqJ8s8NDfJjO4Lh2jg4-sy-LsGblWd6S4VdQRHmAMy_sP1iIQFJa3atjFECWKKLyboQIHbjhl_z1V8fOn1TNVRbpeScJUP0IS9ujV04KGQXAcJukI-sTvsOGB83ij8HBD5NAw3dlY1xtD5byVU6gIxe8T9geShY2Y9yP7m6FszO9SjsL1X9Y-aUxTo8To5RqKJox-69ZJ-mAaYCO4nZk4wmxP2fWTKmpDvnjpXNbQrqtJ7NYGlwsZl2G8Rm090PNLJF_KGciOx_pVqm2AuYpQrr9bJ4G0UQVUeYs-IIuh7P7cnWfYLphFSfsedED3nMS6wQFcFz82xjz3rlT8yWssXFWHBCzlAm8L6YO-1gEXLwGQ_hANLo4vrfX6u3QfjnC9IF-CqKVTAljJHxMWg0hOTUuFTlv8_jAhTYYHim9h0U0n3SjfxTSOgu59JtZyuT_J_6NeItS4FjlNa-Ddjy82R_fJEubFSgZ60ftaJKHvvgTGE4SlkJiiFzcr1F4skFxlSvLt5NM_wo8HepqWoFXDfDs4zuYB0hH6YfTtNTU_sWCu2GLN-ot-oOIMNLwQ0fAhBWWZ4XKDYCYJPtszytloIu2y75y4xeNK6sn9WGa02VklizFYGrjdewWACUPFh4WzNM1U3r_kH-2folx8If53o_GGsV17xSCbBvgS7ek2Ob8kWNzYsJG4WA_euGXpNMJAZ9S0R50LjuAlzRTo5ZT9Dgmaz3weD90fyrHQTfmGklljkUgQCWFwaIn1xtku2P73V9xZQ-LStClpagSQw0KIcwfwf2TetsefBIZ8_he82RhGL00tjNJaHc9OfOXxa6puAb-7HegZXCr6zFTwGL--1ieG4-JHXuOplP5t0J0VYZMK1r5bOr_abycIg9cjyZx2X5jMjCkQsbzM4wrX1YqYpYo93YSQxzeYon46MbG8O0QWwCF4lDJB4DKUXcoZmAzpOPDu2SK-TOo-OfP_pt06ZVf9M00yRu8WXlhwj_88gTvosjIkBmkwGOUURVdxYjkuS1cTu8_DxnlooyQiJukmvxBL65mZqQQpPN2mS106mAcxjhEN4JK3tAXde_GDzks-wRyZL6s_dActhrDBYsdy5iz4i2fsRKWdfP5dPdgZq1H7LmDPTsqQdeaXnpHj3gByH6u6mdN6rycFIREt_O1pUY2iJlT4Ua6Cjdlk1N0ausn4sBhH1-vjUjH83VDjRT9kRW-ysFxwnqz9x63NJuZ0o6hwZx1vA-QlM70PbBCjtenNXdImxpI_Skn2JicgebltnvHkD85YaGGdVQzlKDP3zEqhl3qAkJuHA0UtqYEk_hLWD8osLFgD3PCbqcLackK2_8bfmLmVPJn7gWeEvfiH7RcSkwuMV7ew6zWM3TTr8_3_EaXPG_MQ7sPjR9Cvpti04W0rZc6nNYnLAujdVeBA4xOOe7NUZus3prDTNVWvFgwUCEwQZWHexh_GQprFeHcJE3egBC3wPcXlLrroZ8XU_dHxRgpvt9C4r5RlLEjdpce-8CjVVRdi_N7fai8NQtQjmevEl2pJLIuyNsfmrKfDxKmZvuFDwyWXDfsfZsvNSuL-gz5RQQJK1tHO3UPlqoMA5dmvU12gu1LmQ1KJzHyChY8IRPgZAyDikTCTw5MO_cy7VRkMLbTlef5TWUWRAXq52ZrxqZ7nyCbfzSXqoKekSNOpKjKqgH2RfiJzpHSGl5jz6SYx1qg0dg4fi5sRS5B7V9dPNffh8TImdEBhScbiiAoxeVqcQRGPqoHoIU0V3kkT86FTX6P2DmJe_rqhwZXwBMqHsrjpWl0IPJrxMXhHcMQ7Vt1LBbq_bIxxBKteovdpXxohg52XXlrAQnxT2Dyr1U2cKujzHRT1K71sseUxnWaXUoUYcPjycAo5MKlx8wDYwfhFaH438j3E8uc4zTJ-u2z2IlAeBkQEXI8klaK6_5QvKIlanSbav6GWu8gw61q3b7AHVs1n2YCWTupf8SYPaVL-a5JzfvwCA6pziNeKmmdXQ53YgojkYhL0JBmwHBW4CMHRG5xGAMmuFFmoIJAvaQ6PTuc-eG51lSitnkm2tBoXk7amhFJZxpH24_l6qST5GyK-yjJoKmFk11SrHGlQ0yLfGrT6KITHFbM8JdM56L1zrWgr1_4P6tJXapg15lcx_iSqekzPtQ7O4yYo8Ly9rWRktSAAVl0FTJZfvWoOOkfBWX6V50tVKjMY7sic1OOkEoyolZPtTfcyAbZou7jK-t3Rieo1AmBTnpyeqbsuCef1BJ0RfemIvC2oM9Ys_wYdNq_okk7Oi401DtpCt6zjUPHbUAlnrn_4gWKIR-cAQlbOmi2_pYlPec_v1lgsTUvpWH8Zt744JUGgMIuvoZFJYmd8wUfZpO2qu-00xGCfqyYbcec_60Ysv50j-DolrPD1lBb75ZFDP6HvFB0T7h7-iZKUA4TVgAzluyuF3Fkp0v9bkpO73y3XYFkIgjibwALSqPYR3qLEuapwjNluQwEdL4-Ls3i4hfEtl6hykL2bBwQurXgH_HEB0POJl_xE3PhaXYMrqkQPf8djz6rCw-udgHiNHLVi0PrdFwuEPN3GDqMMzl1IH15qE1SHjN_2VK3OuA_HwOsOxfokCDeSoXvVcIlYddHyxmV0rDfzr711Tuy2IroDldwjcS9nOD&cid=CAASUORorOjstpgogn4tvyorl6WSOFrzEk4_patQJ8pH8mhaNJ09Tsi7Lf5_YOzhv1KcvkOcoX6QmjGFGxwNh8S8AP09l3C-vyP59H79yBE-VakT&rfl=1%2Chttps%253A%252F%252Fwww.bharian.com.my%252F%240

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5509588912ccc64b20d0a93e187596a96516ed8c3629336a394a6d8290a09703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA7 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjMmzicuxZRSOceLdn78WoRxz4bQtFr2hC94rw-qe4HQfTJ_pxqie_D78JhGDNu8DUglsRwFnjy4_ZTiEHHyeLInuwVXW-vM_axUbdMe9FOufYBvw

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame CDA7 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:59:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame CDA7 17 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 02:42:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CDA7 0
0 47ms
45ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgziqzdhTvTQ422e-kxSkjBwKeT-LkwwtIC6XQiqZxGYKzjcxh-MiFIiFPo_tlIuofzms1
Requested by: Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDA7 142 KB
44 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame ED14 4 KB
636 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 02:14:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 02:59:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5872 8 KB
893 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 02:15:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 02:59:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 5872 2 KB
902 B 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:23:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 5872 23 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 02:28:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 5872 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:59:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 5872 17 KB
7 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 02:42:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5872 0
0 46ms
45ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJzxet4UpnH5t42qzgBKCaXgXVS8ALhhe9fgwSDylKMBRAEN_4cx0gYlFeNrCM2-mt25nO
Requested by: Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5872 142 KB
44 KB 150ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 02:59:05 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 5872 33 KB
14 KB 137ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame ED14 19 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 23:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
server: cafe
etag: 4999025364649203088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 23:37:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED14 205 B
519 B 137ms
45ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:22:43 GMT
x-content-type-options: nosniff
age: 16582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Sep 2023 22:22:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED14 604 B
695 B 138ms
46ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 23:49:15 GMT
x-content-type-options: nosniff
age: 11390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Sep 2023 23:49:15 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
179 B 406ms
125ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6402 70 B
265 B 177ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6402
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB&dcc=t

43 B
568 B

133ms
132ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 4PQT9BZBYWH8DRFHEDTK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Q4YM4F5WNQGC1ZXRAJAH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6402
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

43 B
844 B

62ms
61ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd59b83c5be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aiz91bIa9NLqVL3PE7RBdT%2FyW%2FjgmZxk0zp%2FRfNO%2B55KeqxS1P3m0DstjGnriUc9Es4izLN1Rc0%2FDdngnNU2fYgFddtlibWCYqos3sVGedNYbM3iNARyiOxHakfjJHN67EPHpVZ33yxprg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6402 170 B
188 B 144ms
65ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyFDeYlfV4wSfer7_0ISdwAABKYAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6402
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
845 B

49ms
47ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5b79485be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kslz9V6rKUxsMv4kXOiu7WLMtYMyzRgdCBCRWHFO6XTm0juhkXVAOk3hq3Sq6%2F%2BcBn2H3hsx5yUkflicAKOFmOuq8%2F%2FbgKCtfwa4iRqlOj0kTPPmVCAWUuWVn2XaJ4l0LwVggSOgIPUK2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6402
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=J9w4O_M7QktSAeOYJITFwlD_B2o

43 B
844 B

51ms
49ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=J9w4O_M7QktSAeOYJITFwlD_B2o
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5b49245be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAtiwxwEYS0149ZYGm8161%2BGhizgGrRfpoWrl06rGI9WH0SbpKkgnyYljnvM2guJuENNsyNlMWUr2%2FojTuyRXCiGXEEAwvLy9Mpju1CxpAvHrw09eVY%2FxBj5l4HAaBJvhSVD%2F20wZPgsDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=J9w4O_M7QktSAeOYJITFwlD_B2o
Date: Wed, 14 Sep 2022 02:59:06 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6402 0
191 B 230ms
44ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6402 43 B
102 B 147ms
46ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YyFDeYlfV4wSfer7-0ISdwAA%261190
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd589b0a9079-FRA
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 83
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 14 Sep 2022 06:59:05 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame AF1D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

43 B
842 B

49ms
48ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd59b83a5be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS%2FEq%2BQbgu4HjgeKBE8utbvz00XeVx9QTSTa22c0GnUVnPQ5fCS9A1adZR3EY5fvyF2dLj3e1stYOQ6icdJV7kkHE6hoaMYbEOoBBBreD1Xa%2Fz7S90c8G3zvZKMMqHxl0kTGqcHReZGFqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AF1D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB&dcc=t

43 B
568 B

133ms
133ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: DQR0YRN4B31AX4K7XZZ0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:05 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: ABC68JZZSBPDB5S5YFRV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AF1D 70 B
264 B 120ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame AF1D 170 B
188 B 160ms
84ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyFDedkSlCyh3XPKjnU49wAABJAAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame AF1D
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5b3ec41-e224-40d6-9fec-a4746bfd3559

43 B
844 B

61ms
60ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5b3ec41-e224-40d6-9fec-a4746bfd3559
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5ae8d65be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOJN9XM%2B5sSqTIIde7WGOgAFZZmyHLnG7aa8qZRjj5mg1enqWzznfeGf4ptvrK%2F2WEJHmitwVDrU6MK2o7ZlpY58Rlu5fUr1Td3mBwl5T5I3Kbu%2B8HfubixXyHgn28%2FicEzymBMo5hR2PA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5b3ec41-e224-40d6-9fec-a4746bfd3559
date: Wed, 14 Sep 2022 02:59:05 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame AF1D 0
0 127ms
37ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame AF1D
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=62d4f2b1-4064-4301-b817-186c3cba3ad9&expiration=1694660345

43 B
842 B

61ms
61ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=62d4f2b1-4064-4301-b817-186c3cba3ad9&expiration=1694660345
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5ae8d85be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqnywnn7sohJfxiLyZX8tcsE29x51GoQTllrWPan0qt7rWBHnAXCC7U7Fo8QAOh9RGeWff0P8Hs%2BSW1LllK%2F3dPRCWRan7U%2Bl43EGEnTARBDNI4FTi8TU73LxkWcv5ynEs4fvHJ1PJzxjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=62d4f2b1-4064-4301-b817-186c3cba3ad9&expiration=1694660345
Date: Wed, 14 Sep 2022 02:59:05 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AF1D
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1761d7d9-f934-47d3-b393-ed73b7a06abb&us_privacy=null&gdpr_consent=null&gdpr=1

43 B
529 B

102ms
53ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1761d7d9-f934-47d3-b393-ed73b7a06abb&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFegTFoN%2Fu0aqK1YU6hQQlrApiv3dD6x4oRZNkJh6%2FtkweJAvKfbE9M9Ln0GNlnpelNqnNpFLL%2B2myijw3cDgxAwg2x7%2Fl9OeJOcGpLRP2riezrJvtpgzLlFXucrD3El651GkNXXKmwjeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 74a5dd5998245be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1761d7d9-f934-47d3-b393-ed73b7a06abb&us_privacy=null&gdpr_consent=null&gdpr=1
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a5dd588b37994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame AF1D 43 B
351 B 142ms
45ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YyFDedkSlCyh3XPKjnU49wAA%261168
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd589b0c9079-FRA
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 83
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 14 Sep 2022 06:59:05 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8C10 70 B
264 B 146ms
58ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8C10
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyFDebSzxhPbpfISmc9HkAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1

43 B
842 B

56ms
55ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd59b8345be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTXB03YTBrb9kMhtcodDYP1ucE9ok3VVq6rejEzt5Fdt7q6o3%2FM3pBaITjfY6Rktxl6FI9woNxEY%2BoBhz4sFq6ii0Y9kaWTaTB%2B7VvIOLXg6zuqWMXprNX1S6Z4cMRZnNK0giNTUWkohOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKoOEfAZ6hRXCf0TiAFj0Qw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8C10
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB&dcc=t

43 B
568 B

133ms
131ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: HGZBD1M4EWT6X662TANS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 7XT3MKMECGN6X0N2Q6A7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8C10 170 B
188 B 120ms
48ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyFDebSzxhPbpfISmc9HkAAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8C10
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
843 B

51ms
51ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd59b8325be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTxcaMwu6NbdyP6xkImDCw3KxqTRyp2zyn1zJgy%2BV7BuJ6cCvt9BkgpH%2B7ovng20NBEtP1OiQy80JFWHeVcLWsDPpHIC0Otzg%2FbKCXGUDiJL4e3Yv7G812vuMjsbyLZ9VDHqxKRusxPSLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Wed, 14 Sep 2022 02:59:05 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 8C10 0
331 B 239ms
58ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8C10
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
848 B

54ms
54ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5b89495be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IPYt9E%2Fkd28sMYF54XQ0Jh2GsOHGQ7JW%2Fm8vBPfgE%2BNklZTPBtaT3X4PNTp3zYbYQIHpiZ6%2B5sENcFFLUJK9Cy3WgOpSz%2FYfbjron4y8ccLztEqkzqviY5wvl%2FSR1OJPbkUzO8Azwm1SA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8C10
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678762745&external_user_id=d37089bb-8cf1-4079-b81f-09e8d9b92bce

43 B
849 B

51ms
50ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678762745&external_user_id=d37089bb-8cf1-4079-b81f-09e8d9b92bce
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5a08625be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m%2BWVxB%2BlRUQNtiUrQIZTYjllGILS%2F8D6P14%2FalNGCNxpHwBgU3J9iZ55MFT4hgVq5%2FgTbYO74dFPDzAadjWUSBQVTxYrceoq1Zl9UkZ89tLp50rgWvBV%2F1dSyvSVU8Rd2JvBaLuhLC0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Wed, 14 Sep 2022 02:59:05 GMT
via: 1.1 google
access-control-allow-origin: *.casalemedia.com
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678762745&external_user_id=d37089bb-8cf1-4079-b81f-09e8d9b92bce
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 8C10 43 B
103 B 141ms
47ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YyFDebSzxhPbpfISmc9HkAAA%261178
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd589b0d9079-FRA
date: Wed, 14 Sep 2022 02:59:05 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 83
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 14 Sep 2022 06:59:05 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame A1A0
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

128ms
128ms

Document
text/html

18.233.196.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bharian.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.196.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-196-70.compute-1.amazonaws.com
Software: /
Resource Hash: b3c8a7b268d4b3869ebf09b4c6f5376d4d2439b2abc711e55a188b0f68dc5a2e

Request headers

Referer: https://r.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Wed, 14 Sep 2022 02:59:06 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 14 Sep 2022 02:59:06 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Wed, 14 Sep 2022 02:59:05 GMT
location: /um/cs&eq_cc=1

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E432 143 B
166 B 37ms
36ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame CDA7 30 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AvbcvTE2mcTD-kxRm4pCyoKKdUzrL-iKeI4Q8oGMnexHJQCyY_LntlFbMUFW0QiOYAHb-etAPhnY0tewpyFQlg4UKSQg&cry=1&dbm_d=AKAmf-DjRaERqgA0mM5kEk4BALHfDcvpNWmagGjdruwUmm9KH9mVN_CnCjUQYq1MmBaK4Mv9p935oGpME1yXFEvDnNi8jPYXjyZ3Cv2tYRkVC7f9F-UkbofwaePBPO2HKouXRxeVahUMgwM7quvFHnaSfR64sTqbURh5FpfBdDeOJ9DHSsIKfN6OOE8HLDmCuDwk9YOEvueWIzoUQ0ZVuO2UczsvnO1nuq6LzHPxw-q_Tfkf9LA3xhhFDaMz9hq1_BDLBsskoRyIcPXvv3Ff5sFpIkS8wFaizoyrq8Sl-bj-QUPfP5l1lz8uzz_RKGbeevQHe0IyQ49_-_lpvolEkBZGvdwrxSS0gOVwGYvDVg7wJALQZTbTYEdZ1Vn8vSUxumbfTfbrjMGDlvE4Kir3x_Gq6m33Eq9RS6mpCfK8xdumIx7XG5QSbZBcrAsC5kSjt23B2OGDGhITKFWyqBic8XmIsQB-QVLI4IvAARwdAb8lAmMwO3hoEXrp1MLKHpNyZ54BXM0qrl85x8E7f1SFBgcNFMgmYH6cj-vtq7jlDPC93RCHpd1tTV2PEG6oM8Bjo7dWZhQAPxOrmTWEtd4CjfbJkmY4hDK3I9BGaDfqe4KPl8UVuRF2inV-aD0wO_SuKqR8gPOdAcALH1rdQ8teQrMrnhCnpM6sRyPxPNbZ_N4zOo-Q3aajkpglAqPi_bZwcidEr5eYHLs9HSZOYwOeTfnQzZvt_XX56ui_DuqJ8s8NDfJjO4Lh2jg4-sy-LsGblWd6S4VdQRHmAMy_sP1iIQFJa3atjFECWKKLyboQIHbjhl_z1V8fOn1TNVRbpeScJUP0IS9ujV04KGQXAcJukI-sTvsOGB83ij8HBD5NAw3dlY1xtD5byVU6gIxe8T9geShY2Y9yP7m6FszO9SjsL1X9Y-aUxTo8To5RqKJox-69ZJ-mAaYCO4nZk4wmxP2fWTKmpDvnjpXNbQrqtJ7NYGlwsZl2G8Rm090PNLJF_KGciOx_pVqm2AuYpQrr9bJ4G0UQVUeYs-IIuh7P7cnWfYLphFSfsedED3nMS6wQFcFz82xjz3rlT8yWssXFWHBCzlAm8L6YO-1gEXLwGQ_hANLo4vrfX6u3QfjnC9IF-CqKVTAljJHxMWg0hOTUuFTlv8_jAhTYYHim9h0U0n3SjfxTSOgu59JtZyuT_J_6NeItS4FjlNa-Ddjy82R_fJEubFSgZ60ftaJKHvvgTGE4SlkJiiFzcr1F4skFxlSvLt5NM_wo8HepqWoFXDfDs4zuYB0hH6YfTtNTU_sWCu2GLN-ot-oOIMNLwQ0fAhBWWZ4XKDYCYJPtszytloIu2y75y4xeNK6sn9WGa02VklizFYGrjdewWACUPFh4WzNM1U3r_kH-2folx8If53o_GGsV17xSCbBvgS7ek2Ob8kWNzYsJG4WA_euGXpNMJAZ9S0R50LjuAlzRTo5ZT9Dgmaz3weD90fyrHQTfmGklljkUgQCWFwaIn1xtku2P73V9xZQ-LStClpagSQw0KIcwfwf2TetsefBIZ8_he82RhGL00tjNJaHc9OfOXxa6puAb-7HegZXCr6zFTwGL--1ieG4-JHXuOplP5t0J0VYZMK1r5bOr_abycIg9cjyZx2X5jMjCkQsbzM4wrX1YqYpYo93YSQxzeYon46MbG8O0QWwCF4lDJB4DKUXcoZmAzpOPDu2SK-TOo-OfP_pt06ZVf9M00yRu8WXlhwj_88gTvosjIkBmkwGOUURVdxYjkuS1cTu8_DxnlooyQiJukmvxBL65mZqQQpPN2mS106mAcxjhEN4JK3tAXde_GDzks-wRyZL6s_dActhrDBYsdy5iz4i2fsRKWdfP5dPdgZq1H7LmDPTsqQdeaXnpHj3gByH6u6mdN6rycFIREt_O1pUY2iJlT4Ua6Cjdlk1N0ausn4sBhH1-vjUjH83VDjRT9kRW-ysFxwnqz9x63NJuZ0o6hwZx1vA-QlM70PbBCjtenNXdImxpI_Skn2JicgebltnvHkD85YaGGdVQzlKDP3zEqhl3qAkJuHA0UtqYEk_hLWD8osLFgD3PCbqcLackK2_8bfmLmVPJn7gWeEvfiH7RcSkwuMV7ew6zWM3TTr8_3_EaXPG_MQ7sPjR9Cvpti04W0rZc6nNYnLAujdVeBA4xOOe7NUZus3prDTNVWvFgwUCEwQZWHexh_GQprFeHcJE3egBC3wPcXlLrroZ8XU_dHxRgpvt9C4r5RlLEjdpce-8CjVVRdi_N7fai8NQtQjmevEl2pJLIuyNsfmrKfDxKmZvuFDwyWXDfsfZsvNSuL-gz5RQQJK1tHO3UPlqoMA5dmvU12gu1LmQ1KJzHyChY8IRPgZAyDikTCTw5MO_cy7VRkMLbTlef5TWUWRAXq52ZrxqZ7nyCbfzSXqoKekSNOpKjKqgH2RfiJzpHSGl5jz6SYx1qg0dg4fi5sRS5B7V9dPNffh8TImdEBhScbiiAoxeVqcQRGPqoHoIU0V3kkT86FTX6P2DmJe_rqhwZXwBMqHsrjpWl0IPJrxMXhHcMQ7Vt1LBbq_bIxxBKteovdpXxohg52XXlrAQnxT2Dyr1U2cKujzHRT1K71sseUxnWaXUoUYcPjycAo5MKlx8wDYwfhFaH438j3E8uc4zTJ-u2z2IlAeBkQEXI8klaK6_5QvKIlanSbav6GWu8gw61q3b7AHVs1n2YCWTupf8SYPaVL-a5JzfvwCA6pziNeKmmdXQ53YgojkYhL0JBmwHBW4CMHRG5xGAMmuFFmoIJAvaQ6PTuc-eG51lSitnkm2tBoXk7amhFJZxpH24_l6qST5GyK-yjJoKmFk11SrHGlQ0yLfGrT6KITHFbM8JdM56L1zrWgr1_4P6tJXapg15lcx_iSqekzPtQ7O4yYo8Ly9rWRktSAAVl0FTJZfvWoOOkfBWX6V50tVKjMY7sic1OOkEoyolZPtTfcyAbZou7jK-t3Rieo1AmBTnpyeqbsuCef1BJ0RfemIvC2oM9Ys_wYdNq_okk7Oi401DtpCt6zjUPHbUAlnrn_4gWKIR-cAQlbOmi2_pYlPec_v1lgsTUvpWH8Zt744JUGgMIuvoZFJYmd8wUfZpO2qu-00xGCfqyYbcec_60Ysv50j-DolrPD1lBb75ZFDP6HvFB0T7h7-iZKUA4TVgAzluyuF3Fkp0v9bkpO73y3XYFkIgjibwALSqPYR3qLEuapwjNluQwEdL4-Ls3i4hfEtl6hykL2bBwQurXgH_HEB0POJl_xE3PhaXYMrqkQPf8djz6rCw-udgHiNHLVi0PrdFwuEPN3GDqMMzl1IH15qE1SHjN_2VK3OuA_HwOsOxfokCDeSoXvVcIlYddHyxmV0rDfzr711Tuy2IroDldwjcS9nOD&cid=CAASUORorOjstpgogn4tvyorl6WSOFrzEk4_patQJ8pH8mhaNJ09Tsi7Lf5_YOzhv1KcvkOcoX6QmjGFGxwNh8S8AP09l3C-vyP59H79yBE-VakT&rfl=1%2Chttps%253A%252F%252Fwww.bharian.com.my%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11716
x-xss-protection: 0
server: cafe
etag: 11026421231030424798
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 02:20:30 GMT

GET
H2 200 1555123712904419423
s0.2mdn.net/simgad/ Frame CDA7 28 KB
28 KB 182ms
31ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1555123712904419423

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7072a102da835a840be8e535dfca6d45602db4831ed3ff556a325bd6f5cff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:07:31 GMT
x-content-type-options: nosniff
age: 118294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28532
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:44:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 18:07:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame CDA7 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 02:50:33 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CDA7 0
622 B 226ms
79ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshgS2khkHVQNdsegWJhZlkaEvntmCwLkjmF7HWMrpOjn7dMxhQppgTkei5gWzYt2dUr1167FVXiuAqexNKWEKk8Q4KfZJKX1HwF2tUMCVorARevMFkzXfHogvi_utwA_WXQWFE2UN6-FTTHZ-NRNujdW0ZfSIHLl5k9MzlVS7aJjpy83_xkfClUvseLCDgQ3pPH-BF5l_lW4QpUTR7qF2vE698gkOzAwFvY0nIM4woH0qbzUPjOSko3L1Ce3kg_Bvx1at2gpfSyWmBHhvSnL4KcfF28_uUwtn10D2IdyFlB4YXvNnPv7UP0vsgBdtMqK5ZhZuiGEg947dK5cLdvnWYEKRnmcQAGqj63B8fw00HIYkMycUUENmILW1bsr9Caei4i61KRZlsBLn9pTIhOHuZZ5LXJ41QpzEvpJYIWDPV8GN5nCADDIIXGMA6Vetk753nCmlX1oS3N0VzZmcvP9yRE4AvifXi0sKkI8QIrWRmJFf_NWMiAPhDCVLKUrkzkpE1lUDjUIRMiNGbZYVjKGwFhbs1q2Gfy2Va9vI8MQ7dzm3EkpaWFh5xnRgjrvwGIVaXTQH9aNIIAzkDN6W6S-TMIk2ewMCYwNu48BJan1EQIDeJIscuTr0lwYQ1927pcD-hMqnQU3g7Y_bJ33Vv9f_sOAgJcouAkrHqr8fwRfwlORCyMY4QeHeBsga0DfcIaDeEBssxgfBVDlBP7-Rb2aFfCYJ0sQ7wE7sQItdQciH9YbFrkwC5A8iKH-hJaGXoIjr8fBjOhhwYbhZ6f_bF_HaNyrtzntLBnAfKQ5rSxctxdRWS15pYQVc8vcXeDLef4LfnadukXMkplQvbpGlcDLG0_Z_YolmSz4XA6aHPHtlXgwE5euESFOyG6_QOhjSJX9IGjo8yJOMoxbo2NlF2fxfAJxewxG9k2IIIJBXR6toxhugUVdJY_JI2bU7CFrv7yS2xkV6822FlLlrg8uNk5ShfeFPo_zvM13L72kjT1-IZOfkDFoYAf2JPAa_7I_Erwy8LPQxYkxk8Q2JTUcUiPfzcFfB04e1wE0oTqGEF92FJuSoPYw6G17ER9JSM8dZjWIAwWpR11K5KMsPeOb5Dl5AYZT5tdLoBcNgynz2tH55KDdcKgi0ZYgoO88J0CYUM6MU3zTi2D7uIsx7G1dlUeTqJNVAB2zZSMozl1YvMWt439EOlyWuxSHZo0l2lpmbsrktKjLML&sai=AMfl-YRp0_kRIcWfIYKSdRT2fBX0XYKtPYMB9VGdT3nIuE8F_dzUILO4SFkgd4A0LumSs8M1SCOobW0i7_6_QCHhnlpSaUnDxFkAen6yU3weSJGw5s4zjkaePoM9lISa6rVkz15E8KbJUshxLIIpXSOjdBvbg1URRgKBVmcW5oUVZdnCYxkbE1V0N-grWwLipnPDEJKfnDnFPHSfApE6hpHzidiCAB_xPYBuTqs4ELdi7rw19ympfNIH-Z10ncMhpzBkUC9rE9fHY__fRuyH-gLJcn2VMjM7mJx4xUCi&sig=Cg0ArKJSzGzBFi-FvRxlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220912.03767&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 14 Sep 2022 02:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CDA7 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H3 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v12/ Frame 8228 20 KB
20 KB 148ms
66ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v12/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Montserrat:wght@500&family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 21:14:53 GMT
x-content-type-options: nosniff
age: 452652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20072
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:16:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 21:14:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8228 15 KB
16 KB 130ms
48ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Montserrat:wght@500&family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 250164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8228 15 KB
15 KB 130ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Montserrat:wght@500&family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 500234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 08:01:51 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 169ms
46ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bharian.com.my%2F&domain=www.bharian.com.my&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bharian.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 14 Sep 2022 02:59:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 262281
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bharian.com.my%2F&domain=www.bharian.com.my&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=a3kpyXxXSWtmYnBWTTBoYk5tbStOWnNRNHRYYWEzN1plYUd5NFpkUHlJYjZ6cUhBdWJVQmtQSEN5M1AvaFFzeGxoQ0l5cmo1bXpJcGZ1TENyWUVFSmVtVTh4ZEtyK1ZvTmxWM084bExQekVEZlA2RmxoNVNZWUpsQzBabX...

337 B
629 B

144ms
46ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=a3kpyXxXSWtmYnBWTTBoYk5tbStOWnNRNHRYYWEzN1plYUd5NFpkUHlJYjZ6cUhBdWJVQmtQSEN5M1AvaFFzeGxoQ0l5cmo1bXpJcGZ1TENyWUVFSmVtVTh4ZEtyK1ZvTmxWM084bExQekVEZlA2RmxoNVNZWUpsQzBabXlyL2FXK0lwS3l5ZEFUckJLMDJUM3ZKM1ppTTM2NVV6TkFQNmRjekNONnFVVmQ4dTdDM0g3VWFPYlhYYjNrbGUyS1VBL2hCaVFCR3JrUThvS0dXeHV6YXJrWVltaG1weUh2U0hFbDcrbzJRR2pwZTFKL1FJSU9lOW9Hc0c2czY5YjlqcGtpVTU3fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c4b25d932c3e407822d2afa981afbf55c9f5dac773fe81838c7b9969223d73b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 818197
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=a3kpyXxXSWtmYnBWTTBoYk5tbStOWnNRNHRYYWEzN1plYUd5NFpkUHlJYjZ6cUhBdWJVQmtQSEN5M1AvaFFzeGxoQ0l5cmo1bXpJcGZ1TENyWUVFSmVtVTh4ZEtyK1ZvTmxWM084bExQekVEZlA2RmxoNVNZWUpsQzBabXlyL2FXK0lwS3l5ZEFUckJLMDJUM3ZKM1ppTTM2NVV6TkFQNmRjekNONnFVVmQ4dTdDM0g3VWFPYlhYYjNrbGUyS1VBL2hCaVFCR3JrUThvS0dXeHV6YXJrWVltaG1weUh2U0hFbDcrbzJRR2pwZTFKL1FJSU9lOW9Hc0c2czY5YjlqcGtpVTU3fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 574227
content-length: 0
expires: 0

POST
H/1.1 200 622.json Show response
id5-sync.com/g/v2/ 216 B
628 B 143ms
44ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/622.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

f0c644eb93573225a4383c19be8bdc3c46dd6d6f435bbe691442a1916bb81560

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:05 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
339 B 88ms
73ms XHR
application/json 54.194.94.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.94.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-94-16.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 07f97ff3efa93944f03530f2f8943f690fc5a7f68812381d7f603ca7095910dc

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache
x-server: 10.45.27.85
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
392 B 64ms
63ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: b4ff92e16bb8d052b2f529b72041106b31e19621134ab3de3f3924ff10f90afb

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 14 Oct 2022 02:59:05 GMT

GET
DATA 200
OK truncated
/ Frame CDA7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50f84554449c8994c88cbe2be0ea3fc3fc169a0bf4a582f15da985a604760c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8059 22 KB
8 KB 43ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 69978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E432
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
URL: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: Wed, 14 Sep 2022 02:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 02:59:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame D326 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: www.bharian.com.my
URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CDA7 0
26 B 151ms
74ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 02:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 92D5 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zQR3fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 162ms
46ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 14 Sep 2022 02:59:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 488822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8059 36 KB
16 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:24:57 GMT

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame A1A0 43 B
845 B 56ms
54ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=c8c17cd7-5848-4ac0-8c86-6d815fd099a0&expiration=1670986746
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a5dd5b79475be1-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdn00CBfjWIm1PmrjtIIeKYILUwInOczWaIf04rqcq%2FsxQ%2Fm7VdMN19W9LI6j0KmI9lfYlcXDk3EbrkiRI5ggrtmpMSGS42bVpAcyh%2FnG%2BqA0KsFQhScuqSghc5Yxn8BMFL4Z37bI%2BLVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B32D 0
741 B 38ms
36ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e00e2c51-2c50-44b1-86bc-6ff758f9a76f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E18 0
741 B 38ms
37ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6baa399-3825-45bf-9bb8-3eefa3623c85
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 589C 0
741 B 38ms
37ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 02:59:06 GMT
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b836298-417f-41a6-b07c-0d74bdf75444
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 impression
r-log.dable.io/s/bharian.com.my/u/00000000.0000000000000/ Frame 8228 35 B
140 B 273ms
270ms Image
image/gif 15.164.184.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/bharian.com.my/u/00000000.0000000000000/impression?source=1000045&pick=&rm=60.1.1&cm=0.0.0&channel=ArticleBottom_PC.3x3&reco_type=hot-items&cid=00000000.0000000000000&widget_id=1oVeOZXP&request_id=gpxk4pQpohA0gJx8&reco_list_lz=NobwRAlgJmBcYE4kCYAsAGMAaMBbApgC4AWA9jPAGzoB0AjPWAL5bjRyJIDsld2eRMhTDV6jFm2FIkqZPwIlyHUQz4TIUpJS5ycCoctqrmrDR2lcAzAA55gpVSPjT7eBesI7i4SueTzSNZ0qF4GjmJqLpoIqDyhDiJOkf5uWh7xPkkmKZwIXOiWGYYR2WapCNY6ReHG6q65qNaYevaZJXXR1sjNAt7FtVEBeZQArNWJ7QC6QA&gdpr=1&uri=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&is_gif=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.164.184.67 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-164-184-67.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Sep 2022 02:59:06 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/bharian.com.my/users/00000000.0000000000000/campaigns/MZ9AYnggXiV/contents/GR9rxZPrEHLK/ Frame 8228 35 B
109 B 835ms
275ms Image
image/gif 3.37.106.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/bharian.com.my/users/00000000.0000000000000/campaigns/MZ9AYnggXiV/contents/GR9rxZPrEHLK/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAIwD2AasQPIBaAGgAo4gBOxARwCuxAM4Uq8QgAcAHgGsALNICK0ugAsAggkIApWQA4e-YWIqkIAW2JwaANnsBmGgCZFTxQFY3X3KLohXjBbeBoUbx4bUg06GDDUGnQeMA0AQwA7DOIAG2otXkswHOIAITpSUjorck4AYVQnWSceYllpCH54kAB1YigAAgBlYmkBmkUB1wRXVwGZ2C8ATlgELwGAcQBZABUAaixcIIhqDUrpUVgAeiu8O9QAI3TeCEzUMGrUKwBPK4fiF6kNJXDJpUQQOignJXaazK4IJZXcLIbxXURCHJA0EaAC08lymSxOIyQRxUFeoJx0jIvDSOIeQjSpDxxCsQgyYAxmSpAKBVjSPAgGQAbsQMlVeN9KN03AB2Jb2AA%2B9CYbC4PCqQJy5GkaRIdlwuv1sBo-ggAC9Qk5-DkKga%2BJl5HAELgIKRWeQwEzqKDwZC0nlcCQMlAAdQtjwHp0Yt9iGleNQaEsvLLI3EpSUMoQYnZZfKAL5AA&is_gif=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.106.140 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-106-140.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/1oVeOZXP/users/00000000.0000000000000?from=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=bharian.com.my&gdpr=1&id=dablewidget_1oVeOZXP_KoEMpPoB&category1=nasional&ad_params=%7B%7D&item_id=1000045&item_pub_date=2022-09-14T09%3A57%3A36%2B08%3A00&pixel_ratio=1&client_width=795&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: image/gif
server: nginx

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 502ms
254ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8059 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQDQVeUMhY6K0HLqN9u8Pxfix8AQAAAAAOAHgBAI&bg=!1dal1pLNAAbG3AOo5tw7ACkAdvg8WiOUtngR2SC9qSwfJidmLeFUa9D41gwi29l6OIGNURqc5fXWHgIAAACOUgAAAANoAQcKAAH2mQMdavTk2Vy3q_pgLE9aR7_OPOU_s_NsAT2ZMOSbCSLYQ44xukaplOga_i5Y1G6MW_BWJUBOfKfphGnX7ZbcFp_aJktgOoTqAozZ81gxmFVhr3ZB0-j_M6uA3jCyoNsPeyjFNzZNM2Ftp0m_InbYmKEY-dPXtUjfxSuVUExFfCEXsSJe-XEZdaMB4vD0YCRuMxr946vihCzTyn3ruKHjsA0rTEyOJriy781DafuVGtx5GinjBOtQLYYkFtNmwJYUt_i-twa2t7Bzk5RrJZe7cA9Bu7mvTYZ-nlFd5-DOfpPG1sj-4I9z6noD4uP_VYFSvlOIllu5yawQvNaxVf6YcKMLCcVNkgm3W2XAcf1yNcVzSoGIfjB0VoTzpzOv1i4YvfJiU-KD5cxwLoW_lLr4m41kU0crbZA8mNdqIKh7jiqbhBKNIf-abGS0RDIYTDWEexCNZhyXFbbJV0YbKwt_oNQGVMK36eMyLcmUK_UZgEcn5FlyhIwzfBmTn9aH4XDxPxfuyXwxOz5Juux8sAC7-McpoRgOcUH3yfskhXJj0d5-CPIcxaVytrnohaFShz873rpiJADzAFoXUtIY3ZtBas0ovYZ-HKXLwKig0kWEBHG6tzX3BMG18kLmBgJ5h9DYegeyNUvFov81Kgk0CJ3Zat0tWu0DjAu3zpOPw0-6o7YkBMeC13P_xTM9nirnoCm1MzdoiPGlDg7EQU_aPOaBybt5H9BGwtWJjIMXt8AC4uIBQq1gR7h3YGaPeidNryzSfmEyKiceUZuvd9vI-fVPiN0zDsYNOhRx5FO6fWTwug_sJEHBf5QrMKpjTPCiFgmxpWIHUdRbFzUN4U-UFz8yaRpPbPKrKUqrS-ROZWRdmDdbKOWJKkBOBc5dV_QAPusI1ShjERdXEcFif8p3ZJl63O8cXfxyjd_i15qTEXq907U2d1Ldp4ufzbkddbOmvRy6v1pL_eigyGi9dcp7jqk_j8VbWHdmdPefsYo0Qd6dMbica45JtJXZC1Dp4aiclGlPz2T9jJtssk78LOG0x0lk0bjf9X8FkkXd7IOr4_NvorM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=4394086445570543&bg=!7-yl7KjNAAbG3AOo5tw7ACkAdvg8WqZVxHUfiPnWIsLfMg0QuznK6LrYBNc7Lvd--6eH2oo6l6B2ZgIAAAIXUgAAAAJoAQeZAuvA94AQUJ_6KP9AKjlmIWxLF1ZEqT7MaFF0FH8dqHukjtyQtUFJ4Sxd687Dx--xb2K2sckyMAvWR1_Bt_yNWmuUQXyZwj4HLgzbPSk3mOtPyU-glP67NwOX05zlk3YyFY0U2F3_Uns33nLNM4EWrkF61s1zYOPIK-sxZoH96inKgE70R9ICxy65NO2C9bKEThNWmd8LWYHMQkvBuufMbrp4hFNCNO033qQSFHc5icAgFu6Y6_gQcCp_bgueR5_l0L-wn2jy79ZH-kB4yZxdAL9EBcoQbaEG1QBPzLFripieoLCK_n5OfbCmsmJ7_eBQuKFhnhJ7YGYPJrKhGAR4dw_VnA3cVocyZWaIosaFI0kyP_RFF2x2cvij2tQajrCdq8iG6-hb1jyxZrGGgfAbekiymTBIbLBQHeQ9Y7BoDEHOUaFvj_gdom9ayYgf9XXx_UxuW8v6z-lAaBm5raTlCnkqBXgC19ykaCgFAg5IPIkD44cU7dtGpqUtPEl_PsNTOzEMjsMT7kZ1ne98tiVo3HyTmadUQgM97PT8i_Ae9NpcCYH1xw3p2rQgTzWlPFtAavwGziQz1hJWBI7Ulfm9mb_3xp_8Wdmv67a3LjIEnFJyRNJCnIs8T3eYAqxJkbtgLJV3y-e1r8E6ihPnzT-R49prr3rAoK4TKLRrsLGsoxu9E0slBKor8cxBlkH3StYS11XlvCAfngTIk46TS_Ivz2n_g0zG5K-bLKQ8ZXK_5swcOCf-hoRPBk1iymh7RA6yTLyrli_j5UY8LXAjBiFcFUAQUbSXLHHHQRkdQErvS8oWwVGIEnwNVTeOWSIlxWB95n59afXhya2I-0Z9qEpa7QBwc0oDRxeDVmseZYVLqNkcR4s4bnt8p_gCV3vizzH9DjaWRZo5h4OD9fD-gct5B69uTsEoC6crtVTGzBUGGBhupAAcTHv1DWDLDl_K8z3RtjxIL5dwO__Whdq_7rYd20e0OA-NtB7mKf1Pu4M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
185 B 209ms
86ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 211ms
89ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 211ms
90ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 211ms
90ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 252ms
132ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 254ms
134ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST wl
t.pubmatic.com/ 0
0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 253ms
133ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 253ms
134ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 254ms
135ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 254ms
135ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:06 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDA7 42 B
64 B 152ms
74ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstuA9wgvdRAxZ_lJXzns0rSoRMkha6b82xFFYwmZeB8mtCcKGrqxI-1buuAXtwjSNP_8LjSw8hDJEJ4lmOCL0nZ1DrnkEWY4SsLowNZXNisNrbzElwGQDSaJHfJQcxGUpaYATW9g&sai=AMfl-YQeKr869ls53aQGLnzY_IZvABy5XCRSvLyVA2BnAAjf57YRRgSjr7o07umb_rktuaEmXw1S8qic8WZdqdu582FCZCFp2GK69uoPg1Z3syPJt7xBY5BY5H4DLk2J&sig=Cg0ArKJSzF5Et0OitDjaEAE&cid=CAASUORorOjstpgogn4tvyorl6WSOFrzEk4_patQJ8pH8mhaNJ09Tsi7Lf5_YOzhv1KcvkOcoX6QmjGFGxwNh8S8AP09l3C-vyP59H79yBE-VakT&id=lidar2&mcvt=1000&p=237,436,327,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=609881003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663124352584&rpt=664&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 124ms
124ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.bharian.com.my
date: Wed, 14 Sep 2022 02:59:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 44ms
44ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=375007276&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&ul=en-us&de=UTF-8&dt=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Views%20Tracker&ea=Seconds%20Views&el=5%20second%20Views&ev=0&_u=6DDAAUAjAAAAAG~&jid=301306447&gjid=472631831&cid=284938708.1663124351&tid=UA-98696-4&_gid=1755395758.1663124351&_r=1&gtm=2wg9c0TPSJR8&z=403323156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 47ms
47ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=301306447&gjid=472631831&_gid=1755395758.1663124351&_u=6DDAAUAjAAAAAG~&z=789168197

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bharian.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 02:59:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.bharian.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=301306447&_u=6DDAAUAjAAAAAG~&z=1662567328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98696-4&cid=284938708.1663124351&jid=301306447&_u=6DDAAUAjAAAAAG~&z=1662567328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 02:59:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/bharian.com.my/id/1000045/ 103 B
415 B 264ms
264ms Script
text/javascript 52.79.102.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/bharian.com.my/id/1000045/checksum?callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.79.102.132 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-79-102-132.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

4a7db71c5c4ec22400411189216d4c149d99c05adb45a8920b0dd3b38bce7f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"67-DR/ehs36TBCCK8C6mhsPaSO1Dls"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 114

GET
H/1.1 200
OK update Show response
api.dable.io/items/services/bharian.com.my/id/1000045/ 65 B
336 B 266ms
265ms Script
text/javascript 52.79.102.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/bharian.com.my/id/1000045/update?title=Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20buat%20kemunculan%20pertama&image_url=https%3A%2F%2Fassets.bharian.com.my%2Fimages%2Farticles%2FBHKANTAN14_BHfield_image_socialmedia.var_1663120653.jpg&price=&currency=&sale_price=&sale_currency=&category1=nasional&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2022-09-14T09%3A57%3A36%2B08%3A00&url=https%3A%2F%2Fwww.bharian.com.my%2Fberita%2Fnasional%2F2022%2F09%2F1000045%2Fsultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama&description=KOTA%20BHARU%3A%20Sultanah%20Kelantan%2C%20Nur%20Diana%20Petra%20Abdullah%20semalam%20membuat%20kemunculan%20pertama%20di%20Istana&body_length=1701&callback=dbljson4

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.79.102.132 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-79-102-132.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bharian.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 6
Connection: keep-alive
Content-Length: 78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: myresipi.com
URL: https://myresipi.com/wp-json/wp/v2/posts?_embed

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: recsysbh.nstp.com.my
URL: https://recsysbh.nstp.com.my/articles/284938708.1663124351

Domain: heartbeat-api.mediaprimaplus.com.my
URL: https://heartbeat-api.mediaprimaplus.com.my/hb

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: t.pubmatic.com
URL: https://t.pubmatic.com/wl?pubid=121793

Domain: t.pubmatic.com
URL: https://t.pubmatic.com/wl?pubid=121793

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bharian.com.my/	1970-01-20 05:58:46	Name: __cf_bm Value: ZIQ6.DFSYeAYaJ3vQdXhVxMnfbQWf4r4p.4g2HSexNU-1663124340-0-AYBBWeJpZM33X+ThUOonRRbR1bwlM0+Q/d98toYft5IXU3KDuYeya8FnMDLLqB/RVkiXm33ka51lFS/+9e/8g6U=
.bharian.com.my/	1970-01-20 05:58:44	Name: lotame_domain_check Value: bharian.com.my
.bharian.com.my/	1970-01-20 08:08:20	Name: _gcl_au Value: 1.1.1912672954.1663124351
www.bharian.com.my/	1970-01-20 15:27:32	Name: __atuvc Value: 1%7C37
www.bharian.com.my/	1970-01-20 05:58:46	Name: __atuvs Value: 6321437e34762c10000
www.bharian.com.my/	1970-01-20 06:41:56	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.bharian.com.my/	1969-12-31 23:59:59	Name: pageType Value: article
www.bharian.com.my/	1969-12-31 23:59:59	Name: enableAds Value: no
.addthis.com/	1970-01-20 15:27:32	Name: uvc Value: 1%7C37
.addthis.com/	1970-01-20 15:27:32	Name: loc Value: MDAwMDBFVURFU04yMzExMTkyNzAwODAwMDBDSA==
.bharian.com.my/	1970-01-20 15:34:44	Name: _ga_JNY0ZCR65R Value: GS1.1.1663124351.1.0.1663124351.60.0.0
.bharian.com.my/	1970-01-20 08:08:20	Name: _fbp Value: fb.2.1663124351203.49642840
.useinsider.com/	1970-01-20 05:58:46	Name: __cf_bm Value: ac99n9uRIDNRpLGj2o5U.R8Snyc13zSYMoSJiw7WtRk-1663124343-0-AfnsSubQZltwy5naBA4AtcT4he5YzzXQnZSGlJAKG750juIydnHsgg4/zLDpE6Y0fzRfpUSRCm1ajRCsMewQwVc=
.ohbulan.com/	1970-01-20 05:58:46	Name: __cf_bm Value: ynOJq0EOBMB.Bz2mQA5Bqx37sxToRMkwAq.IrY0l3rg-1663124343-0-AfXM+DkaiDLMVMb52TfqbzgPUg335Dm2ZTIVWXobXjNzb4Y7BWiGA12w1cCNVu7HOJ76yhL/ChZjoTnlMTCIJAE=
.bharian.com.my/	1970-01-20 15:34:44	Name: _ga Value: GA1.3.284938708.1663124351
.bharian.com.my/	1970-01-20 06:00:10	Name: _gid Value: GA1.3.1755395758.1663124351
.bharian.com.my/	1970-01-20 15:27:32	Name: _cb Value: BnN2OYCuqYwGDDQNaJ
.bharian.com.my/	1970-01-20 15:27:32	Name: _chartbeat2 Value: .1663124351485.1663124351485.1.Bp56bQBntQem2HqGBDVICcj3PkDr.1
.bharian.com.my/	1970-01-20 05:58:46	Name: _cb_svref Value: null
.bharian.com.my/	1970-01-20 05:58:44	Name: _dc_gtm_UA-98696-4 Value: 1
.bharian.api.useinsider.com/	1970-01-20 06:00:10	Name: insdrPushCookieStatus Value: true
www.clarity.ms/	1970-01-20 14:44:20	Name: CLID Value: b1283bf4839d4146b0998d8d91bf170e.20220914.20230914
.dable.io/	1970-01-20 06:00:00	Name: _skp Value: 1
.dable.io/	1970-01-20 06:17:16	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 06:17:16	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 06:17:16	Name: _nh_ck_match Value: 1
.doubleclick.net/	1970-01-20 15:20:20	Name: IDE Value: AHWqTUkjzs2kaff5BpLQns3pqDuImFYuoOEGBqq0pDFDGi05WG1P4_5md9otgcZ3_y8
.bharian.api.useinsider.com/	1970-01-20 06:00:10	Name: push-request-sent Value: true
.www.bharian.com.my/	1970-01-20 15:34:44	Name: dable_uid Value: 00000000.0000000000000
.bharian.api.useinsider.com/	1970-01-20 14:37:08	Name: native-permission-impression Value: true
.adnxs.com/	1970-01-20 08:08:20	Name: uuid2 Value: 6813999600587337254
.bharian.com.my/	1970-01-20 15:20:20	Name: __gads Value: ID=65176bb6a6729f53:T=1663124344:S=ALNI_MaNdBqWGwjv7VhSLh_NNJdcRe_jMg
.casalemedia.com/	1970-01-20 08:08:20	Name: CMPS Value: 5124
.c.bing.com/	1970-01-20 15:20:20	Name: SRM_B Value: 1A3FBB5908F461BB1968A946097F6026
.bharian.com.my/	1970-01-20 14:44:20	Name: _clck Value: b5fof5\|1\|f4v\|0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:20:20	Name: MUID Value: 1A3FBB5908F461BB1968A946097F6026
.c.clarity.ms/	1970-01-20 05:58:44	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-20 06:00:10	Name: CMST Value: YyFDeWMhQ3kA
.casalemedia.com/	1970-01-20 14:44:20	Name: CMID Value: YyFDebSzxhPbpfISmc9HkAAA
.casalemedia.com/	1970-01-20 08:08:20	Name: CMPRO Value: 1178
.casalemedia.com/	1970-01-20 14:44:20	Name: CMRUM3 Value: f16321437905a0&6f6321437905a0&116321437905a0&e6632143792760&0d6321437905a0&27632143790b40&2d6321437905a0&126321437905a0
www.bharian.com.my/	1970-01-20 05:58:47	Name: _lr_retry_request Value: true
www.bharian.com.my/	1970-01-20 06:41:56	Name: _lr_env_src_ats Value: false
.csync.loopme.me/	1970-01-20 08:09:46	Name: viewer_token Value: 1761d7d9-f934-47d3-b393-ed73b7a06abb
www.bharian.com.my/	1970-01-20 07:25:08	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-14T02%3A59%3A05%22%7D
.bharian.com.my/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1663210745709
www.bharian.com.my/	1970-01-20 06:41:56	Name: id5_storage Value: %7B%22created_at%22%3A%222022-09-14T02%3A59%3A05.778671386Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.company-target.com/	1970-01-20 15:34:44	Name: tuuid Value: d37089bb-8cf1-4079-b81f-09e8d9b92bce
.company-target.com/	1970-01-20 15:34:44	Name: tuuid_lu Value: 1663124345
.bharian.com.my/	1970-01-20 06:00:10	Name: _clsk Value: yzfk3e\|1663124353290\|1\|1\|k.clarity.ms/collect
.doubleclick.net/	1970-01-20 05:58:47	Name: DSID Value: NO_DATA
.eqads.com/	1970-01-20 08:09:46	Name: EQUser Value: UID=c8c17cd7-5848-4ac0-8c86-6d815fd099a0
beacon.lynx.cognitivlabs.com/	1970-01-20 14:44:20	Name: UID Value: 62d4f2b1-4064-4301-b817-186c3cba3ad9
beacon.lynx.cognitivlabs.com/	1970-01-20 14:44:20	Name: ss Value: lJJ2c%2BcLV61ozyPX6YwdeSwS7VZKhnDwFZcejts5HlKfHa3%2BNnJFIDi51pLCIEkEAEFKi%2FE8CYvyQYLtB7SnIg%3D%3D
.toast.com/	1970-01-20 15:34:44	Name: BID Value: R3KBDIP5USEV4D31742LD7EIY
.toast.com/	1970-01-20 06:41:56	Name: txmed_1440080439 Value: 00000000.0000000000000_:_EXP_:_1665716345
.toast.com/	1970-01-20 06:41:56	Name: txsync Value: 1663124345
.dable.io/	1970-01-20 08:22:44	Name: uid Value: 61078371.1663124345892
sync.srv.stackadapt.com/	1970-01-20 14:44:20	Name: sa-user-id Value: s%3A0-27dc383b-f33b-424b-5201-e3982484c5c2.75A%2Bt%2FdScaMRl9ptsOjgC52xagx9RZNTYUTjSEVI754
.srv.stackadapt.com/	1970-01-20 14:44:20	Name: sa-user-id-v2 Value: s%3AJ9w4O_M7QktSAeOYJITFwlD_B2o.9srUGwBGib9dRABCpiMIcvt8pP%2Fni%2BrZkqg8hcEJjBI
.ad.daum.net/	1970-01-20 08:08:20	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220914%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.casalemedia.com/	1970-01-20 08:08:20	Name: CMTS Value: 1135
.bharian.com.my/	1970-01-20 15:20:20	Name: cto_bundle Value: VowIxF8xWm5tNE5WNTM4MDh3RDAwcVV2c3dMWW1oeUF3V0lUemVHNWRwcWJUTkpFeGRCMUFEU0t0OWhkTHNGOW43UGplcGtKTFhkUWE5blZYaXNScDdtRmpPNzZualJLelNrYVhhczFzc0Q0NXNuOEd3YURjWEF5TDJsN2VIN1J1UEtzQw
.bharian.com.my/	1970-01-20 15:20:20	Name: cto_bidid Value: 8qHkSl9Tbjc2eHBSRUl0TjRSTHNMdEhrV0lrRW95UCUyRlVrcXdqa0thenowZnA1OG1SenNnMXphT0Znc2hTS1FXdlYlMkJSZktPUEFsUldxTlJuUFNqVEhCQUtPTlElM0QlM0Q
.ds.kakao.com/	1970-01-20 08:08:20	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220914%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.admixer.co.kr/	1970-01-20 15:34:44	Name: __auid Value: 54ab7e149015e337727d7271e3a04b29
.admixer.co.kr/	1970-01-20 15:34:44	Name: __puid_120 Value: 00000000.0000000000000
.admixer.co.kr/	1970-01-20 15:34:44	Name: __id_utm Value: 20220914
.admixer.co.kr/	1970-01-20 15:34:44	Name: __id_inf_120 Value: 0_00000000.0000000000000
.bharian.com.my/	1970-01-20 05:58:44	Name: _gat_UA-98696-4 Value: 1

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript	error	URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama Message: Access to XMLHttpRequest at 'https://myresipi.com/wp-json/wp/v2/posts?_embed' from origin 'https://www.bharian.com.my' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://www.bharian.com.my, *', but only one is allowed.
network	error	URL: https://myresipi.com/wp-json/wp/v2/posts?_embed Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://bharian.api.useinsider.com/ins.js?id=10001947 Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552(Line 17) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/359/pwt.js Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://static.dable.io/dist/plugin.min.js(Line 2) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://static.dable.io/dist/plugin.min.js(Line 2) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript	error	URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama Message: Access to XMLHttpRequest at 'https://heartbeat-api.mediaprimaplus.com.my/hb' from origin 'https://www.bharian.com.my' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://heartbeat-api.mediaprimaplus.com.my/hb Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552(Line 9) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552(Line 9) Message: The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript	error	URL: https://www.bharian.com.my/berita/nasional/2022/09/1000045/sultanah-kelantan-nur-diana-petra-buat-kemunculan-pertama Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.bharian.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.pubmatic.com/wl?pubid=121793 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://t.pubmatic.com/wl?pubid=121793 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src=*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
act.ds.kakao.com
ad.mediaprimaplus.com.my
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
api-public.addthis.com
api.dable.io
api.rlcdn.com
assets.api.useinsider.com
assets.bharian.com.my
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bharian.api.useinsider.com
c.bing.com
c.clarity.ms
c1.adform.net
c1d67bf3480766ddfa507fba53db9ba0.safeframe.googlesyndication.com
c2shb.ssp.yahoo.com
cdn.indexww.com
cdnjs.cloudflare.com
cm-exchange.toast.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
csync.loopme.me
dsum-sec.casalemedia.com
eitri.api.useinsider.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
heartbeat-api.mediaprimaplus.com.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.admixer.co.kr
image6.pubmatic.com
images.dable.io
js-sec.indexww.com
k.clarity.ms
location.api.useinsider.com
log.api.useinsider.com
m.addthis.com
mab.chartbeat.com
match.adsrvr.org
media.ohbulan.com
media.siraplimau.com
mediaprima-d.openx.net
mug.criteo.com
myresipi.com
nep.advangelists.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
prebid.media.net
prg.smartadserver.com
r-log.dable.io
r.casalemedia.com
recsysbh.nstp.com.my
region1.analytics.google.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
sentinel.api.useinsider.com
sp-api.dable.io
ssum-sec.casalemedia.com
static.chartbeat.com
static.cloudflareinsights.com
static.dable.io
stats.g.doubleclick.net
sync.adotmob.com
sync.srv.stackadapt.com
t.pubmatic.com
tags.crwdcntrl.net
tpc.googlesyndication.com
u.openx.net
um2.eqads.com
v1.addthisedge.com
www.bharian.com.my
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
api.rlcdn.com
heartbeat-api.mediaprimaplus.com.my
myresipi.com
recsysbh.nstp.com.my
s7.addthis.com
t.pubmatic.com
103.243.202.190
104.18.18.126
104.18.19.126
104.75.88.126
107.22.33.78
108.138.7.49
121.53.104.194
13.125.31.135
13.32.121.21
142.250.184.194
142.250.185.98
15.164.184.67
151.101.193.108
162.19.138.118
172.217.18.2
178.250.0.157
18.233.196.70
183.110.238.136
185.183.112.155
185.64.190.82
185.86.138.16
198.47.127.19
198.47.127.22
2.18.232.7
2.18.235.93
20.234.93.27
20.96.88.162
2001:4860:4802:34::178
2001:4860:4802:34::36
209.54.182.161
23.205.242.120
23.35.236.201
23.35.236.247
23.35.237.151
2600:9000:236e:8c00:18:1fcd:351:7bc1
2606:4700:4400::6812:288b
2606:4700:4400::ac40:9375
2606:4700:4400::ac40:9893
2606:4700:4400::ac40:9902
2606:4700:440e::6812:2fe6
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6811:190e
2606:4700::6812:15f6
2606:4700::6812:d4c
2606:4700::6813:ac6c
2620:1ec:27::cafe:1686
2620:1ec:c11::200
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9c
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::714
3.37.106.140
34.107.148.139
34.235.205.35
34.96.71.22
35.157.246.167
35.244.159.8
37.157.4.29
37.252.172.249
37.252.172.37
52.223.40.198
52.79.102.132
54.146.105.203
54.194.94.16
64.74.236.159
66.155.71.25
72.44.36.54
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
045902f4e6e115d34798bea5e41d2fe6ed040d2b8f1e3e822b410ea344e59311
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06a4ebf9e0af34f918c8b980217c9ebab3daeea4548c1f1237a10c27f4b80760
07f97ff3efa93944f03530f2f8943f690fc5a7f68812381d7f603ca7095910dc
086c9a0a2d7d503e6b6d578eac74e1e0f8eba2e51eaf0fee3030c89acb274c68
09a4d8e432a0bb4b178a03bc9a9c6c4929bcf754cb84160e6ca0a87619943689
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e82b78b51724cc19be9ee0d97a94fdbf9fca2854e086aeb1389d5c567ba288f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127eac3851dbb875efb39fee2247ac1164028a4924a2ae7435bf49d6fcee7c80
12946be1b877c0e634b3790e0f3cba696b728aa34860f5f535636e5198ea65e9
17685d159b2a31c3a264538a08d0f9b7ac4327472c58b972548c55ad916f64de
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c9a39538558408ae0d68dc2025304bce00a82a6e7e1218529112c819f1be1b
1bdb6b2e7d6b79a4bd94aac8bdf890d5de5d2e76450bb0c19c64d08e80d6cf69
1f1f818268d6d61b76493dac82bb678bb419f0d3fa9db7e7c5ecb83915b4797b
21627d5e570e9ca13c00dfea0e822fe9bb499bc902e3bf3bbbc467d18589dd1a
22b73d7c6fe4d3c3963fc46e976a5095fc4b32af9e3b4ca30ed76ba9cc739c57
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
24ea5462f8471eced00f56f107bc2bcd9f0c749ff455921ca454eb615b88cfcb
28a5117d55c2cfb8f332d9bcabcc1473e0c3fbe41a6802737d8ea033d9e69c66
28f4e3569ae744ad3fed3fb46ac51322315da4fd586b2c0ae76dfd82444844c0
2959a137e1161478a7bfa3cd2d39fb9e83c5b17ec8af64b0a355dad6deae124d
297ec102e7c2679e8359496cd282be2483072c1ec4db2dd01d9797af9262d022
2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099
2b080bab92b152d19b4cc2535cda237d9e946c57535561d3b764ff8c64a646f2
2bc05ccb26a6ee6deb1b3fee999a054dffe3ffea34f730e4b9709ab95f22bb46
2ce2d9e4f37945d460ffdf2bc2baf2fb3913e1f924b111a742f968b3b30c4f55
2d21f78711598d4c0d1b92d4d602aa0c235b911a5c0a26c53b08945d272f2a1e
2ddf554805390cf36b334e2bdbc95de19bfc878046d50dfc70d49a2870483461
2ec05c4f944956f0bf79cfe3a78babb8939593259fc8248ec299c301fdf2059f
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
30028ec9e8d824c68d0474f65c68c50c2a4b19a942ad37f2a38518eff0ff7674
31f239cc2f2553e1fb7472b4a9ceabba0f367190ddd044f74326ba611ee25bab
3279ff9b9adb16663af879e9683f4454a0c168e61d69f17ccd5c2798bdd96600
338fadbba3db11dbb82f008c0260d1dd6f5812a15223e5e8093b5666163b623a
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
36550222ac30f145fbce0ea7cc96ecd991e18b15506763a2799659e6fa50c5ef
391651dcec07f90f9796ca307f8b48e70986bd59c5dd5fd327ec8f843a99e791
39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49
3baf20d2589d4ba9089fdcb3458dc3a6fa96f151008716f76717f5cbe73b85f4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd8940de580b7bda100c53cde1dda2c7c17a8a21035d21ca75ff31820419780
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3f554791436fbdf38fee385a669bfc13417e669a0dd84031f3171f0f9151e574
40b1ec68c08564ef11388bbcba5ffcb8b9048fb1a05a87a63826aad296fb14e0
43f85c7c7820c57b53a430c4bc1918f8634c73d26c2fff71be2e7fdfd7d6b3a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
49a09be95f9462eebd0c8fa0575b47e2653ad8cc99d2124e036a234f83546405
4a7db71c5c4ec22400411189216d4c149d99c05adb45a8920b0dd3b38bce7f6c
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e82620c6d8f8684ea8481ef85364d4e219a2463569113cc4168220cb5516d3d
4ed8650eb6a70f03af90a62111c374a184c4e3f7cb94a5098ef94714343646db
4fb3315722347355c2ff15eecc077a64badd1b07751d5fb155cfd6707dfb100c
4fef000d05d244ab71c9800781e6ab7eb29f1a5c09b617eecc182121e540b46e
500f223b1adcbfbe3c4737565c3ffa89b71db15b88cf01479185954d348f13d6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5509588912ccc64b20d0a93e187596a96516ed8c3629336a394a6d8290a09703
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
593bca57d34b3fb3085cae42a2fa02f91c86fdd38a64ce14514e044eac1ceb74
5ac2648064ff9c66d9f4528ab60c104f0ac9451dcd2cb54ac3b394c229fef262
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e5923f83079634a7407732c48932d4c9dac3aafc2e7855d65196d2d556e693b
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61266fb44d6958b3914c58706a9b6335df703b29eddfba6a940f06f5e74cfaf9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a5f0088bc5728aede7113f3b494296fbe877e2f70bf612a9a2cbf01583c718b
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9359d1ffff79e1323adedc83b8bb44ba2780ddcb3184b765a93dfd56ec7416
71e734b9e8ff583e040f9d9eed1fc94e066611d1d2bd575c28422f0b895fc626
7343cd1696f0bb61058c17bbd4f4431036e21d737cc29f67b7703006ea567776
738b6a7a5a2f029e9b35150ff7d94426fbde756e9ffff7536b6f552b32a006e4
73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a
73d96fec0238c8cac6f3c8924c5d89978feec8a07f2f45bcc7dbeceebb42e71c
75275de842deb2d0b94450046d236ac2d50188dc1296e1e08f445fe78c9fd56e
762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a
7679e159acf67586a8982e9f57acb0e89f321762914741f09313fe78f0bd9f77
76958737170eb87f06d05e2cba9d8b117be49a624d286b024f7cfbfc16f105f0
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c3f0a7ca425355deec908e5fd2a3c88d1bfaaf83b007b4537e96d862dfd254f
7c7ac64f2c31b254839b8780001b86f0abe21b8e97b8c4201647876b623ed43e
7d72a88dfb4a4ca3cd159fe6dc8cedd1bf2f704f34ef5d31b54e7585cec936f7
7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda
7fbc7c99d52978bf1aa0fad91bfd30a11eba1b7cc685ae99f5930257c9d70fde
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a3cc1b2fa25857399845ed0a3195f34ba6a2baad9e1c79767649b37771e49b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
88ba66e930efe7b43ff1f79f957d00e0abb693b61611eaf765a04dbbb6676b0b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102
8c7d7db6a23936aadedb5fd8e15a980005426abde9c658340ea2925373ab44e5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d99d86894222ef69a8008ea6cbdab6b2c3e0ba5fc7e79780b4e06da691ac794
922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d
92bf04738b0339f9f22115a3aee30620bf2e3d81e96f8cc7f0a0eeb96a62693b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
944146ef126e70cb54d0e7e925f81b68d9a7dc885a8b4f21adc5b684884f4e5e
9634ae5275a701160c919ab51a657a4fed8d9ce987def1a65295749799b7d8b3
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b24897de9588e4f2d70b17fe6a98040866885cd9871707a46e7e6fa6439f545
9b76af9d0eaf78a189efe3961f6d702e22ce649d40435f258ae59ef0b1f6843b
9cc15c8397f9c833d08e9cc7ef418024fcf98cca3d1ab51ba0c3696f4407b4f0
9da05ad9f7303211758f87d98708f7ea7142267e9b5a98f6237a12566bd6b77b
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
a11b762d8970d24fb363fd01415e89647b04c5ec0d52f55576d47cbbe638b9d8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b229fb2b7ae35e96a918f84a597b1867485d856817cf469be30074f5d4adc8
a606a3fc9f38f290f36d92f1abc30c8f6d44a2e66afcafc7393a7715c262958d
a675ecfef5937c8c45a95db9566e42c79e8058b554901336974c399d6b53bbe9
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7100751cff61bb499a18868314a45f2564fe9429d0273ae3463541423ed28a9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79662dcc171a4ad34b346209adefdc5f563b8a9852b4060738f9cc26412e1d3
a9c683dafadb4dff62ad2365f4e23deae7a8e7ae27e63000862c3402d8e16c03
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0d94a4117dbe4e575b62924b9ce6aa28a70749caa68516fe61d5c457d9a85b
aa81b9d802fddc9b7ed4a6c5d0bc29da5ec62ab28b3d0bf4a92c68911d183773
abac589feff1880ec5696db117750d3ac5708235f345ce3f99b01313e6c9afb8
abb4fae0206d72fe17da19202c17a197e18365ddce4d0aceb45c1ee06f31db9f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae7072a102da835a840be8e535dfca6d45602db4831ed3ff556a325bd6f5cff4
aebd458b7aa281bd53c1a6cbe2eb4acd6b896dcb6ada979fd683a39d3535d184
afc0736972e33c1690ed8b8b32784358465ca02f4173c36e9f09d0c4ed15741c
afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b169662984de349300d8cfbb1e50911ac500a09470d0c46af5c2ccf4274e2aea
b3a3dd6f556f2e7e56c7e1e0aadb99a94889a3599b329258aca61c26648342dd
b3c8a7b268d4b3869ebf09b4c6f5376d4d2439b2abc711e55a188b0f68dc5a2e
b4ff92e16bb8d052b2f529b72041106b31e19621134ab3de3f3924ff10f90afb
b50f84554449c8994c88cbe2be0ea3fc3fc169a0bf4a582f15da985a604760c2
b8bfed98d6cbc1c25b5d4fc71e198beb00c5fe8b1ba488d8588847a7c0f360a2
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
ba5cf86d31ee5476f838269bc00302c32c40d1bbbbc1e277d80495792dddd6fa
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bd81b4a2c81ef1e4bb8aae80b902ca0fc2f33b2365c066d9325a427b6f929086
bd860d941cc2e6ce8b31d32b0638de2d59f64716342788924e04a75835636605
be21a3516c863878c018795c6ef672601c36a9e8684f793a536d3c618f1cbcd4
bed9c47ba55f7cc6ca6310c2056e114b765435903265a3961bdbe937cbf5ea06
bff06dc7a160acbf11cd6d1425913ace1f09e7acae1d44fff4e190c522508d7e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4b25d932c3e407822d2afa981afbf55c9f5dac773fe81838c7b9969223d73b4
c60a7006ece4856ff97fc18d5563cf9d1f78ad2fd4c34d3cda2888a7f3108a4b
c67d523de52b863f63570f3ffa13614334520cc77c5a675180680b4e9592fb05
c68d78fe9e56fb4a1f8bd3d5654ecb38d8fb0ab7f1d9ab49197dab2624b1e7b8
c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9725890d097e04728161c29f833d9c02807b5b1d1f340cced4457117a2c8503
cb18959d4cb4fd90f9cd26b3f146ad58f908f5b22ccd89125e1f3c2ccf6dffc2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbd6b77c6c60a93119c9bd30d30a80ca441f8eef93f276a526b2175c69dbc4d
ce43624ffdb99bdc47832e7320a1b19463fa4d596a49a833f3d361a3c6486c16
cef730942001436dc128165f58a10277ecee18289a4c17894c6891b7ffe82139
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d2b3cddc1dcc1789d58668977161edf0eec3bf2c0659b2f3fbc2599937e52957
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d6dddecc97355eb564029a19a8acb1c9ff9cfa6df4836b37c98cd1cf2e55c252
d74ec6920f54f332eb66c6852104a6450ff2f5c4f342a1f0a3d2fabc8e34385b
d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113
d90c8433a5f254c4124af5eae37bb22e32ecb8bd1930bdd15e2ba2f1d59739e0
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfefe1b8f188b58d1bd3b65c16376beca146ee07be4a56194ccf8691dc4e7a37
e24b68c44e525ab549052d6691eb27280a003523df1c6e6713cc980d4ce6f67a
e292008636fcf6278f40e12cf30751a8f3d0efba13c7161136bcc24bed3bafde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2f92343a776d79dc6dd939ef2eba6fd8130da6cc6d3b643eb603eb2dd689f
e552c20e58ff0ad3500c9fe9d901df855594dce5d249b6a2060b7c740847fdc3
e55ebbb7e66688d30fb3dfc6ca634bfdb7b97097ec4c1c1cea12027df364d473
e67cac166df605ae1fcf15472f567ce2a4310659c8f5600529c8168efc72bfcc
e6b1b9d55329b3c3aabce7bdcd55984594b7ac8c4cc07d61f9590e1c0e3cefcd
e9b6c2ddc2e8e504cb662bc54c25b97766521662ac9dc2040ad58bcadf144167
eb5ebcc25c6cc5371d37578413b71a66aa7be55fbc1d437d5a4758e809174990
eb9b3cf4136ff3089572baf0b8db352d50463c7879ded5b9b42bb373a144cf11
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed85c65256759dc6aaddbabba01aa20858808ca909029686ab5a3632b40d3aaa
ede736874c54a33e484f3dc30563098b2621babf90027a864118639c2af04455
ee3ab12efcbb08f4ab0d942bd23b8c3009ca60b01903625517375d00a4823bfa
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b
f0c644eb93573225a4383c19be8bdc3c46dd6d6f435bbe691442a1916bb81560
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f56ccc6f38d0222f48e2a8ac98644eb007f3c9308f1da3c3e6661409c90f89a7
f577f47130c0c218f3173def6ded60212af9708a36036848edf5d5a321e50733
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bf2cf278431668a4179a779a4e1b1977003174ab3d119e6ae1a50b1d35f4b0
f76a5366a6d2c274898e62a3bc1873b9ace6f9ad17e72f5b58e43bc90beeb3c1
f7a641aabef08fd210be00002dd79144c5f78e46caaacb8ad2021d29806b9659
fb694a246195c56aa60a2331254baef94bdab4e17969eeac83ac47f2eda7396c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd1e082adc1cddbab0002246054c1b3c0ff42fc31e058c851c57b4f05a499db2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

www.bharian.com.my Open in urlscan Pro 2606:4700::6812:15f6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

381 Requests

92 %HTTPS

43 %IPv6

60 Domains

105 Subdomains

77 IPs

9 Countries

6067 kBTransfer

11282 kBSize

71 Cookies

25 Outgoing links

Redirected requests

381 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bharian.com.my Open in urlscan Pro
2606:4700::6812:15f6 Public Scan

Screenshot
Live screenshot

Full Image

381
Requests

92 %
HTTPS

43 %
IPv6

60
Domains

105
Subdomains

77
IPs

9
Countries

6067 kB
Transfer

11282 kB
Size

71
Cookies

381 HTTP transactions
1 data transactions