www.buletintv3.my Open in urlscan Pro
2606:4700:4400::6812:2a37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.buletintv3.my/
Effective URL:
https://www.buletintv3.my/
Submission: On November 21 via api (November 21st 2023, 4:23:49 am UTC) from US — Scanned from DE

Summary HTTP 260 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 35 domains to perform 260 HTTP transactions. The main IP is 2606:4700:4400::6812:2a37, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.buletintv3.my.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2023. Valid for: a year.

This is the only time www.buletintv3.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:91c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	2606:4700:440... 2606:4700:4400::6812:2a37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:98c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	18.245.60.72 18.245.60.72	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1 10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	184.31.93.220 184.31.93.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:9a00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:264... 2600:9000:2646:c000:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	34.250.99.225 34.250.99.225	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	3.39.97.207 3.39.97.207	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	3.224.128.47 3.224.128.47	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:440... 2606:4700:4400::ac40:9430	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
260	52

1 2606:4700:4400::ac40:91c9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.buletintv3.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2606:4700:4400::6812:2a37 (United States)

ASN13335 (CLOUDFLARENET, US)

www.buletintv3.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.buletintv3.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

buletintv3.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
locationv2.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98c1 (United States)

ASN13335 (CLOUDFLARENET, US)

heartbeat.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.60.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.93.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-93-220.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cfee556f581814255d418396162e959e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:c000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.39.97.207 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-97-207.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.128.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-128-47.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9430 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.revid.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	buletintv3.my 1 redirects www.buletintv3.my media.buletintv3.my	4 MB
45	googlesyndication.com cfee556f581814255d418396162e959e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	237 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	127 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	311 KB
15	useinsider.com buletintv3.api.useinsider.com segment.api.useinsider.com — Cisco Umbrella Rank: 20413 assets.api.useinsider.com — Cisco Umbrella Rank: 29475 eitri.api.useinsider.com — Cisco Umbrella Rank: 28221 locationv2.api.useinsider.com — Cisco Umbrella Rank: 21814 log.api.useinsider.com — Cisco Umbrella Rank: 29234 hit.api.useinsider.com — Cisco Umbrella Rank: 17758 image.useinsider.com	213 KB
14	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	251 KB
11	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	158 KB
8	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	1 MB
7	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	57 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6862	689 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	296 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	676 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585 mab.chartbeat.com — Cisco Umbrella Rank: 2550	25 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	31 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	revid.my hb.revid.my — Cisco Umbrella Rank: 183457	461 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	34 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	dable.io static.dable.io — Cisco Umbrella Rank: 29332 api.dable.io — Cisco Umbrella Rank: 27015	25 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136	217 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	24 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1376	201 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	mediaprimaplus.com.my heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 178306	39 KB
260	35

	Domain	Requested by
40	www.buletintv3.my	1 redirects www.buletintv3.my
35	media.buletintv3.my	www.buletintv3.my
34	tpc.googlesyndication.com	www.buletintv3.my securepubads.g.doubleclick.net cfee556f581814255d418396162e959e.safeframe.googlesyndication.com www.gstatic.com tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
10	securepubads.g.doubleclick.net	1 redirects www.buletintv3.my securepubads.g.doubleclick.net cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
9	www.google.com	1 redirects www.buletintv3.my cfee556f581814255d418396162e959e.safeframe.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
8	i.ytimg.com	www.buletintv3.my
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com assets.api.useinsider.com
4	www.gstatic.com	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
4	log.api.useinsider.com	www.buletintv3.my
4	www.google.de	www.buletintv3.my
4	www.googletagmanager.com	www.buletintv3.my www.googletagmanager.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
3	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googleadservices.com	www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.buletintv3.my
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	buletintv3.api.useinsider.com	www.buletintv3.my buletintv3.api.useinsider.com
2	www.googletagservices.com	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
2	hb.revid.my	heartbeat.mediaprimaplus.com.my
2	oajs.openx.net	1 redirects www.buletintv3.my
2	hit.api.useinsider.com	buletintv3.api.useinsider.com
2	static.chartbeat.com	www.buletintv3.my
2	eitri.api.useinsider.com	buletintv3.api.useinsider.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	tags.crwdcntrl.net	www.buletintv3.my securepubads.g.doubleclick.net
2	cdn.taboola.com	www.buletintv3.my cdn.taboola.com
2	connect.facebook.net	www.buletintv3.my connect.facebook.net
1	image.useinsider.com
1	rtb.fr3.eu.criteo.com	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ads.eu.criteo.com	cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
1	ping.chartbeat.net	www.buletintv3.my
1	mug.criteo.com	www.buletintv3.my
1	mab.chartbeat.com	static.chartbeat.com
1	api.dable.io	static.dable.io
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	locationv2.api.useinsider.com	buletintv3.api.useinsider.com
1	assets.api.useinsider.com	buletintv3.api.useinsider.com
1	segment.api.useinsider.com	buletintv3.api.useinsider.com
1	www.facebook.com	www.buletintv3.my
1	static.dable.io	www.buletintv3.my
1	heartbeat.mediaprimaplus.com.my	www.googletagmanager.com
260	60

This site contains links to these domains. Also see Links.

Domain
web.facebook.com
twitter.com
www.instagram.com
www.youtube.com
t.me

Subject Issuer	Validity	Valid
buletintv3.my Cloudflare Inc ECC CA-3	`2023-07-15` - `2024-07-14`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mediaprimaplus.com.my Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.dable.io R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2023-10-27` - `2024-11-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
revid.my Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.buletintv3.my/
Frame ID: 89C896D06A1A8AC8302BDD1FE649506F
Requests: 150 HTTP requests in this frame

Frame: https://buletintv3.api.useinsider.com/worker-new.html
Frame ID: 42659C173705A65B8533FB5E9F0E288A
Requests: 1 HTTP requests in this frame

Frame: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B159BE2B50F7C425A93971ED4921BF3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.buletintv3.my
Frame ID: 11D318F4A8FC4D54C6E06943997B08A1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 5ABC0A93817743A62B198BF73122766F
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 06535ADDFBC5B909346A621479CD7E41
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 145B7584A4CA7F9518C7E46BDDEDB518
Requests: 15 HTTP requests in this frame

Frame: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE78D1B25589B5AA2A5C425F697254FB
Requests: 13 HTTP requests in this frame

Frame: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1FA3555331D265B28FB9B490D812C766
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVwwzgABY-oK4D4DAASJLgCJkcaApGJwASTxIg&u=%7CxC9iMAel%2BxZmfdqCynBec5cSsNlgT2qW1SnXJqhFRvw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL2vi8T2DSJBGdc4rrvC7Sd6YHftX9Fd6t5gfA2vUp88N3d80NqE1iEHsFUtOAu7GMwrxxj26ec753TE9kACXFCk4nkKylGhtLRth8BBP1MGWdNnZSWC7NQW3wx8uMDBNjCkQ96nx6oD1S6fgPZo8dofKkdo7xucTl_9VLiCJziriXSXQcRYM-FNuboh28qaLJSikF_T5P7iqd1iTJ8t3Zc1ce5SgW75PjAUojEBcLrJB2y5XHS8AzsdTW-FkJhGAKzIoNKh2JXNv8yW2vEXCSJiw360iOn6QGHXY03qRfnyh-occIWLDTeigWaCdtH4Pd5gxz5fIibLk4LHB71D6ZbSSyiASrSMtg_GNQgdqIzoUjH7fgFaZElrtBzkP49CeoYmkSddEqCmUj4yUSUCAYJPdc_Uc8ifzz5dr2Utzx09mojtJKxo-FjOjpfZo7y8MGspajH-e4aVbbEICeAIP2S71Vv6dik1cb621IiBpHJCjLotWLjlihEhiqDzNDHBJt6A8VJzDiJ3A2Gd0DEddTFXeWctcoGci7zaqnvt9erPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Og1zjBcZerHBYP8gAeukpLQDMme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI5MTY4ODQyMDY4MDczNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBKgCT9CiGlpBoodnP7XvmPJxdgxW2IlijbhvwsqlKnuRHaxlW1ieRRBjTyiv3eqaMi_pjpBiTtpNXThNkYLSJAcTp_a1gUxhEHMPtASAz7-4UPo_1JaJBejiNHETOw_cyPSvRmuHhVX8RlQcLEHqLpqqZsq3_TN4Um-MjHoGBJ_EFNQxZNq2ALT7QFXISaLN_u-sZz2_y2gj5d86q5jLljbHtKYOrkWCcxrMOPW_k040-cDJa3FmhbteZbUdTixksBEeRcczEc4dCyzBBoHynh_zgNpw-8R0p53hrV8T4HcPWP8thIMKjOp4wwEKpm3DUR6FiqigqBRuWPqGaUvTUw1i4mLlB_mjywLmXDNvgpls_tSpxKW-giik3_rjCrcPk327R23H9-Lad0jgBAGABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAeINEwiL3tC9n9SCAxUDPuAKHS6JBMrQFQGAFwE%26num%3D1%26sig%3DAOD64_0cy26d1C7HrpasPRI7zR0upc-abA%26client%3Dca-pub-3291688420680736%26adurl%3D
Frame ID: 8879741420814AA3E9CD3C5B2F9079C4
Requests: 20 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 67B5F429FA1DA255EBFFA1728F2434CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html
Frame ID: A6E26309E3E4C221D087B7BC6FC95579
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 62ACD23D7A1AA66E2BA5217F0E928B34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6F4E4E8177358AF7EA6BF8DE68C057E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC34D6757CABB1EA34DD46DD1BD71475
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Utama | BULETIN TV3 Malaysia

Page URL History Show full URLs

http://www.buletintv3.my/ HTTP 301
https://www.buletintv3.my/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

260
Requests

98 %
HTTPS

71 %
IPv6

35
Domains

60
Subdomains

52
IPs

7
Countries

7338 kB
Transfer

12938 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/BuletinTV3Official/

Search URL Search Domain Scan URL

URL: https://twitter.com/BuletinTV3

Search URL Search Domain Scan URL

URL: https://www.instagram.com/buletintv3/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2p8wkJVSjsMsRv0MjTikgA

Search URL Search Domain Scan URL

URL: https://t.me/BuletinTV3Official

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.buletintv3.my/ HTTP 301
https://www.buletintv3.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://sb.scorecardresearch.com/cs/6034955/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 109

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&ocp_id=zTBcZf-EM4bJgAeWyrTACA&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296WFIxaE9RaXdFbDdXdUs1dmVuWjBxUmdYaEMxdU50cTN6Y3BWQzc3WV9mNEEaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGhwTXlPMUlhLVY1bHg4R2VRUXFXdlJGWG9NZjc0Uk10Rmx1MXFtZ3BCNjBkR1NDbXhCaENLWSITCL-fw72f1IIDFYYk4AodFiUNiA HTTP 302
https://www.google.com/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296WFIxaE9RaXdFbDdXdUs1dmVuWjBxUmdYaEMxdU50cTN6Y3BWQzc3WV9mNEEaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGhwTXlPMUlhLVY1bHg4R2VRUXFXdlJGWG9NZjc0Uk10Rmx1MXFtZ3BCNjBkR1NDbXhCaENLWSITCL-fw72f1IIDFYYk4AodFiUNiA&is_vtc=1&ocp_id=zTBcZf-EM4bJgAeWyrTACA&cid=CAQSKQDICaaNNPj7RofP6x-dnKX_ZLimRGgYIsWM5jwGlhVIsyz6eOQiAmuz&random=2215710728 HTTP 302
https://www.google.de/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296WFIxaE9RaXdFbDdXdUs1dmVuWjBxUmdYaEMxdU50cTN6Y3BWQzc3WV9mNEEaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGhwTXlPMUlhLVY1bHg4R2VRUXFXdlJGWG9NZjc0Uk10Rmx1MXFtZ3BCNjBkR1NDbXhCaENLWSITCL-fw72f1IIDFYYk4AodFiUNiA&is_vtc=1&ocp_id=zTBcZf-EM4bJgAeWyrTACA&cid=CAQSKQDICaaNNPj7RofP6x-dnKX_ZLimRGgYIsWM5jwGlhVIsyz6eOQiAmuz&random=2215710728&ipr=y

Request Chain 139

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp&cc=1

Request Chain 142

https://gum.criteo.com/sid/json?origin=publishertagids&domain=buletintv3.my&sn=ChromeSyncframe&so=0&topUrl=www.buletintv3.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=E5W-lXxUeEZrTy9QYTJKWnJndnZLMGNLWk0vYjl1N0xUMkxIS2FHb0hUR1FHOFB3bDlIOEZQcXBtT1hIR0NralJVR1ZjSWNnVCtGVS9ISnQ2MnNrMXFtN0E3d3dINkt4Q2x6OEpOQXV1bzRyQ0UzaHAxcFI3V0tlbElCM0txYmsweEowKy8rV1hqYnVwbXdUT0p1U2YzeW5tZVF3TStUdUZvZmlKZ1grNG1OVHloT1p3Q3E4eFdKUVgvMUVJMmtSUFBHUm82QWxIdmFITWZNaGtmdFVXaU5YU1FvM2hoQjRkUlJwankwU250bmNwY3EybURMT1owa2I4bVVNbWJnak1pNnZoaks5bG5Ec1NtTFkvYU50ZklMRE9VQT09fA&cppv=2

Request Chain 247

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZlVZzjBcZejHBYP8gAeukpLQDOTWtqB0s860tYYStuzs7K4JEAEgh5avIGCV-vCBjAegAaWwmbwCyAEJqQITD9A53FuyPuACAKgDAcgDSKoEtgJP0Km8yXT29fkX3yGWW5qrHuoqc0UAcCCWWdigonfkK3uX_4X-8b-UryduoK9m0xuyGAcLFhaYYpwDbIDKRla7nj4NBiGiBpkkkyv_ev6sAHWen6HLA8QJwpNgEHOZrtxlKwdOgDg6fd4PzvYKhnGv_3LaGlBG4frpvZO1pB5bkyHcIMP2-tRNMHTNW9E3rrt2I5zrsnBuiiRL65U52ias3pkrXxKEB5qvippvGSuZik4saPgd-F_rY0CKGWn0nrJeZSN-3kCSFFVFd2rhwI8rXzK4YkHwh-oz2aCCiGzsBku686JmixeV2-aVmr9hh4MJtJocMxTa8hviAc0oqE-RCmhbspesBVttfvOQco34WngL-P_y5XvwZISTmdnhcE01DbXScHSgwIyMyKbi5j7UJoSIifs7wAT6yoadrwTgBAGIBYKq7o1NoAYugAfDz-bDAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEObBBNIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCY0BaHR0cHM6Ly93d3cuYnJheC5jb20vZGVfREUvc2hvcC9sYW5kaW5ncGFnZS9zY2h3ZWluc3RlaWdlcj91dG1fc291cmNlPUdETiZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NvbnRlbnQ9QWRCdW5kbGUmdXRtX2NhbXBhaWduPWRlYnJhbmRpbmdodzIzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIne0L2f1IIDFQM-4AodLokEytgTA9AVAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBg&sigh=Fl0jyiaY30Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214375378718387396179%22,%22debug_reporting%22:true,%22destination%22:%22https://brax.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663115813%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214772413192631862529%22}&andc=true

260 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.buletintv3.my/
Redirect Chain

http://www.buletintv3.my/
https://www.buletintv3.my/

280 KB
38 KB

2178ms
2092ms

Document
text/html

2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89f47e5ac40138f0af656c26f9e6612cccb76bc91c704c46d184ad0272320de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=30
cf-cache-status: EXPIRED
cf-ray: 82962893ee629022-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 04:23:40 GMT
expires: Tue, 21 Nov 2023 04:24:10 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 82962893096b30c0-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 21 Nov 2023 04:23:38 GMT
Expires: Tue, 21 Nov 2023 05:23:38 GMT
Location: https://www.buletintv3.my/
Referrer-Policy: no-referrer-when-downgrade
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 ins.js Show response
buletintv3.api.useinsider.com/ 363 KB
96 KB 202ms
87ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buletintv3.api.useinsider.com/ins.js?id=10007866

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8cb44926f0afb4b69769237c87604cc52f9b74c3fc58fe91bfb6ed553f7e80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ArZCr7KWs2xJLUW.lpHhdtPj.IMb4dhe
cf-cache-status: HIT
x-amz-request-id: 5VN5KXGN5R22AYDZ
content-encoding: br
x-amz-id-2: gklqMKgJ5XXmIB3/6qb74DrFEoiv4aofEd2dR1jSIc5CWMrM2yLNCqIpVtLVLH4X+fl1+ahZdsE=
x-xss-protection: 1
pragma: public
last-modified: Fri, 17 Nov 2023 11:46:54 GMT
server: cloudflare
etag: W/"8f2b2af2e88cfc682c4603ab09a9cd69"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 829628a1cfe965b4-FRA
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 3f69c8ab67411d47.css
www.buletintv3.my/_next/static/css/ 143 KB
24 KB 59ms
57ms Stylesheet
text/css 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

138c7dc28a5071a21c68354198acf907495a01a407c0d703ac7f71a89606043a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:40 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 42629
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"237f4-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a10be79022-FRA
expires: Wed, 20 Nov 2024 04:23:40 GMT

GET
H2 200 webpack-a704ccee42a16adf.js Show response
www.buletintv3.my/_next/static/chunks/ 3 KB
2 KB 61ms
55ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/webpack-a704ccee42a16adf.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ace59476dd3f4f9f4c2a14e327afe5c5d064b5a751dd1f7a988a854a2c276fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41440
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"cb5-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bf49022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 framework-5f4595e5518b5600.js Show response
www.buletintv3.my/_next/static/chunks/ 127 KB
42 KB 72ms
66ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 42629
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"1fbbb-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bf59022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 main-f45d6ab6812926a5.js Show response
www.buletintv3.my/_next/static/chunks/ 100 KB
30 KB 62ms
56ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610a34411d12d8fffd5fde9e83ad26220895f97c33ece6947ad02cf8ace56660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21782
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"18ea7-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bf79022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 _app-e39b6329f054a755.js Show response
www.buletintv3.my/_next/static/chunks/pages/ 115 KB
38 KB 102ms
96ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/_app-e39b6329f054a755.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24dca46de3355afb857272fd200987cc1e5a5bdb7a8d7956ea50fac23bd85266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41440
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"1cd55-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bfb9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 71-9693e3c4295aa092.js Show response
www.buletintv3.my/_next/static/chunks/ 68 KB
24 KB 101ms
96ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/71-9693e3c4295aa092.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075765a90340ea61675192508c5761df2fa7baa38d0963ea67f70f9765d0fcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41441
cf-polished: origSize=69381
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"10f05-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bfd9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 328-7fbe545d4707d06f.js Show response
www.buletintv3.my/_next/static/chunks/ 32 KB
14 KB 101ms
96ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/328-7fbe545d4707d06f.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83e14a48336fd74a0d7411d2ecb801f29edb0c0c31043f73115ff83d67f86c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 42630
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"80c9-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a13bfe9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 428-e38dc2536d8af64f.js Show response
www.buletintv3.my/_next/static/chunks/ 143 KB
29 KB 104ms
99ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/428-e38dc2536d8af64f.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3748607a7163c42f22bf809e44d5f255fa4f42a756064180aadc545e60f12f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85121
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"23dd4-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c009022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 6-4f982ce565273d70.js Show response
www.buletintv3.my/_next/static/chunks/ 17 KB
6 KB 101ms
96ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/6-4f982ce565273d70.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9e676f6ada1f43b6d297011e58d25045af7a5ef8b3d7b6506448c8a793de44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 48635
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"44d6-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c029022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 972-490ab596fdf99222.js Show response
www.buletintv3.my/_next/static/chunks/ 87 KB
27 KB 104ms
99ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/972-490ab596fdf99222.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba1483497509fac0c1aa43ecda5ea7777c52ec71cf7eb88dfea60e2a9d43a34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 84790
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"15a2c-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c039022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 169-3791af70a8be4a5d.js Show response
www.buletintv3.my/_next/static/chunks/ 36 KB
10 KB 102ms
98ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/169-3791af70a8be4a5d.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71c68c362b3ac9717ddd1f7d2bfbf96c51de962a8b4c25850d295f28ec03cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80927
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"8f04-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c049022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 251-74ef90fbccd2274e.js Show response
www.buletintv3.my/_next/static/chunks/ 17 KB
5 KB 102ms
97ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/251-74ef90fbccd2274e.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa59ea4f709ba007c6ef7197493f6031b37385dadd80f2ac7e594c961fd07e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80927
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"4466-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c069022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 420-fcfbaabebe6566f5.js Show response
www.buletintv3.my/_next/static/chunks/ 8 KB
3 KB 101ms
97ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/420-fcfbaabebe6566f5.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8a1e983c57b6d5856c58c08c695787b1baeade6eddfd8388a3f2fef633ac78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41441
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"21ff-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c079022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 49-3a3132fec7d23e31.js Show response
www.buletintv3.my/_next/static/chunks/ 12 KB
4 KB 102ms
98ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/49-3a3132fec7d23e31.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318df846273e84ebb961eeff782c6b7692bc059ae5918976a0fb70bbc6ef85fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 48636
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"2fd3-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c089022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 index-d76dea4f97ba0ca7.js Show response
www.buletintv3.my/_next/static/chunks/pages/ 18 KB
3 KB 101ms
97ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/index-d76dea4f97ba0ca7.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e771efb2a0c3fa2e871bf4846415d5355da3f765d2d21e1d05b889ab3c04596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 83167
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"48a8-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c099022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 _buildManifest.js Show response
www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/ 3 KB
996 B 102ms
98ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/_buildManifest.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e08d0821efcd58093dbed065e769013ca0c3a775a1d4c46f00b60f848b3c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41441
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"a15-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a14c0a9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 _ssgManifest.js Show response
www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/ 107 B
211 B 100ms
97ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/_ssgManifest.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bc3c797212c1e8af33234fc30cd61dac98dce29330da2a64806b75c311a11ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 65965
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:36 GMT
server: cloudflare
etag: W/"6b-18bcbe8d660"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 1d73a5b975f38258659b47e0ef2b034e
cache-control: public, max-age=31536000
cf-ray: 829628a14c0b9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 _middlewareManifest.js Show response
www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/ 92 B
172 B 101ms
99ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/xkB7A0hRz6dkfOzWC5WdD/_middlewareManifest.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 65965
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:36 GMT
server: cloudflare
etag: W/"5c-18bcbe8d660"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 0eacbaae850e79bc67128492dfd26f32
cache-control: public, max-age=31536000
cf-ray: 829628a14c0c9022-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 BTV3_white_logo_408x64.png
www.buletintv3.my/images/ 4 KB
4 KB 55ms
54ms Image
image/webp 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buletintv3.my/images/BTV3_white_logo_408x64.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b3a50fdef072b48fab2a862cc978a76317f04d31c984fbdb45080a3d457a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:40 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 687917
cf-polished: origFmt=png, origSize=7807
content-disposition: inline; filename="BTV3_white_logo_408x64.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3824
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"1e7f-18ba8c5f2f8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
x-cloud-trace-context: 4219207d17dee7a6ece860c5460b7398;o=1
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a10be89022-FRA
expires: Tue, 21 Nov 2023 05:23:40 GMT

GET
H2 200 BTV3_colorful_logo_318x50.png
www.buletintv3.my/images/ 6 KB
6 KB 54ms
53ms Image
image/webp 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buletintv3.my/images/BTV3_colorful_logo_318x50.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ac87e5636e1376f54896af4f3b1a29100065a905b9ebb4219cd92f528b14bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:40 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 778930
cf-polished: origFmt=png, origSize=9342
content-disposition: inline; filename="BTV3_colorful_logo_318x50.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6314
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"247e-18ba8c5f2f8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
x-cloud-trace-context: 2a421c8454c1440856fa73ba4e288aca
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a10be99022-FRA
expires: Tue, 21 Nov 2023 05:23:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
66 KB 145ms
57ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPKXSKC

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

133d037dbde72dac098912c20eae935611663b5dbbab7678707971d7c288b47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67260
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 04:23:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 124ms
41ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 04:23:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FWuEkNubgaqnh3f5tsETfjavTB4rreRJw7H3tY1vN1hrZBSQwjj3N6QfZw0zCmr+8lqp5N3o7E7MUoVOWL1FLA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/revmediagroup-buletintv3/ 236 KB
47 KB 128ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/revmediagroup-buletintv3/loader.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a4aedc67e80b290b6d39a7e013e3684d2bdadb6797ec975f0faee3e37d4380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ig.1Cj86lcKtHbA_bKzAHOaFa_FHJHK1
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 04:23:41 GMT
x-amz-request-id: VF416YTAD6PTY4AA
age: 27804
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47237
x-amz-id-2: xBUYY0yRo2MpXCrKYQMmfUssmVc/LiBa8LV5iTJ8eQjkt8CMwA5sVgkzfjk6FJ18TWfjw/req18=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Mon, 20 Nov 2023 13:28:35 GMT
server: AmazonS3
x-timer: S1700540621.086271,VS0,VE1
etag: "fc14453c2a650399dc43b23d5b87d66c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 headline.png
www.buletintv3.my/images/ 278 B
719 B 55ms
55ms Image
image/webp 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buletintv3.my/images/headline.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09f75ed6bb87657862f468aa26d35de654ea17babeecd9515c89a792a88991d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1027486
cf-polished: origFmt=png, origSize=520
content-disposition: inline; filename="headline.webp"
alt-svc: h3=":443"; ma=86400
content-length: 278
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"208-18ba8c5f2f8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
x-cloud-trace-context: 3625a97fa4fe71ea0e4db2402b4c77d1
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a178483813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 gantari-v1-latin-600.woff2
www.buletintv3.my/fonts/ 10 KB
10 KB 56ms
55ms Font
font/woff2 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/fonts/gantari-v1-latin-600.woff2

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f9b838a0fcc89984ec176870f6eb715e360b7092578069183a9fcd8f3b1426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 849070
alt-svc: h3=":443"; ma=86400
content-length: 9784
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"2638-18ba8c5f2f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-cloud-trace-context: 89361d3b110d458746b688f455e926c1
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a188533813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 gantari-v1-latin-700.woff2
www.buletintv3.my/fonts/ 10 KB
10 KB 57ms
57ms Font
font/woff2 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/fonts/gantari-v1-latin-700.woff2

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53cde1183bf689436d50ce9e9c7268e186deefeb44951c3a75e106d23760d33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1027486
alt-svc: h3=":443"; ma=86400
content-length: 9728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"2600-18ba8c5f2f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-cloud-trace-context: 9ef3b981c5434980cd87c8475559ef29
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a188543813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 gantari-v1-latin-regular.woff2
www.buletintv3.my/fonts/ 9 KB
10 KB 95ms
94ms Font
font/woff2 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/fonts/gantari-v1-latin-regular.woff2

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b24975cc8aeb868ec0eb4de7a0e1e38ff55078888e54c7a44621f94491caa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 783626
alt-svc: h3=":443"; ma=86400
content-length: 9432
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"24d8-18ba8c5f2f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-cloud-trace-context: 23b8ec2237342188d4967bd84709cf15
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a188553813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 BOxQwhmS-BULETIN-TV3-23.jpg
media.buletintv3.my/2023/11/ 100 KB
101 KB 1055ms
1015ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/BOxQwhmS-BULETIN-TV3-23.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

805fbb16149765bffc2c1bf049f231d04854bb2c6b448a95280998c0b5b63397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPr80uptMBYcgL6kL2AJ-aiDGVDiYxA1xK-MLkNIUKjUOVtyKx7Fx-GcqHrM7Dctip8Odks
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 102664
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 04:18:56 GMT
server: cloudflare
etag: "96171c177468579355c7d74c5a2b79da"
vary: Origin, Accept-Encoding
x-goog-generation: 1700540336347073
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=AJkotA==, md5=lhccF3RoV5NVx9dMWit52g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 102664
accept-ranges: bytes
cf-ray: 829628a1ec5d9022-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H2 200 UCXfXnCx-BULETIN-TV3-19.jpg
media.buletintv3.my/2023/11/ 96 KB
96 KB 417ms
377ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/UCXfXnCx-BULETIN-TV3-19.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5343e0c0e2b92d8de63fe8976048f89b11ee1510f95b9891edb18172f06d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqRzE4IFiyxCB0NAO1X6Dye4kg4akn5pl8XLa-KilCKy4D2cg9pi3RzrRtbT3vZwGM_a3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 98322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 03:03:03 GMT
server: cloudflare
etag: "31c4a1ef8eda58628d53e78c48eeb8f7"
vary: Origin, Accept-Encoding
x-goog-generation: 1700535783788201
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=n5Mbyw==, md5=McSh747aWGKNU+eMSO649w==
cache-control: public, max-age=3600
x-goog-stored-content-length: 98322
accept-ranges: bytes
cf-ray: 829628a1ec5c9022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 4ln4YZth-BULETIN-TV3-17.jpg
media.buletintv3.my/2023/11/ 61 KB
61 KB 1307ms
1267ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/4ln4YZth-BULETIN-TV3-17.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f56e8c8ebe238c5f7ac1c9f559c33a66a8e168ac07b952ebc5837af57c0d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=65708, status=vary_header_present
x-guploader-uploadid: ABPtcPo8tw6q7xv-AiY3JTxm8bDv2m7sGiOnyy4g5BTjZKaNVyzPsqnNPrN6ZpTPqQcpOU7CpDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 62381
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 02:53:33 GMT
server: cloudflare
etag: "cef459191c3a96b0789c9d4401557171"
vary: Origin, Accept-Encoding
x-goog-generation: 1700535213328460
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=a3Fhrw==, md5=zvRZGRw6lrB4nJ1EAVVxcQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 65708
accept-ranges: bytes
cf-ray: 829628a1ec5a9022-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H2 200 huSGK4Cn-SS-ARTIKEL-ITU.jpg
media.buletintv3.my/2023/11/ 134 KB
134 KB 425ms
385ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/huSGK4Cn-SS-ARTIKEL-ITU.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e7fc505584f40226ee366a49981e755b22ed6d7ea5a7d164c60eef4ac42a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPq9WmIlTuazOpfKGHERO8o76fN5e5Ofiadj2_H1IbdWIWp1w7OPiazaQA_rEUKfViwjB18
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 136736
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 02:51:39 GMT
server: cloudflare
etag: "a3b83aec9768c63472c6b66912f42d36"
vary: Origin, Accept-Encoding
x-goog-generation: 1700535099728437
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=4CQpWQ==, md5=o7g67JdoxjRyxrZpEvQtNg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 136736
accept-ranges: bytes
cf-ray: 829628a1ec5b9022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 VS45FDF3-BULETIN-TV3-14.jpg
media.buletintv3.my/2023/11/ 100 KB
100 KB 114ms
74ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/VS45FDF3-BULETIN-TV3-14.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda2c8787b9e600e0d478572b1fabedef4765c3b18a897324686bdd66eac3b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPph5aEXQy24NT6aSExP40rto8saiY1xzBXpHnOIpdYux5BelGzgr5O3wzC_USm5jHAoGNczO7KGNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 102353
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 02:47:16 GMT
server: cloudflare
etag: "0e52929d586f73999e8c29d575f9ac87"
vary: Origin, Accept-Encoding
x-goog-generation: 1700534836293550
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=gFcigg==, md5=DlKSnVhvc5mejCnVdfmshw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 102353
accept-ranges: bytes
cf-ray: 829628a1ec699022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 sZBPVJG0-BULETIN-TV3-22.jpg
media.buletintv3.my/2023/11/ 77 KB
77 KB 110ms
70ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/sZBPVJG0-BULETIN-TV3-22.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18519952b94a2038942dfdcc2ad46fba85dd4cf8b2b2cef2d9b413ff705e625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPomb0cUlUlh1Yqb_fR30O2z5xOU_n29ISBFOY6Gijc6IwzOFnWgIRRRw8G1ean5nGy4Ipp6xlPd8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 78973
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 03:53:55 GMT
server: cloudflare
etag: "b2f98666be20608447959161342e1f80"
vary: Origin, Accept-Encoding
x-goog-generation: 1700538835207141
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=IwvYgg==, md5=svmGZr4gYIRHlZFhNC4fgA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 78973
accept-ranges: bytes
cf-ray: 829628a1ec639022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 BULETIN-TV3-12-1.jpg
media.buletintv3.my/2023/11/ 65 KB
66 KB 94ms
67ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/BULETIN-TV3-12-1.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6fe2e8252bb102633ff95ff99a44f64e7bcb88e90fe338219917edb28e8f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPrArFs2cqqXyt8cehxJCysKNRTizfD5p8Dn-TzPkX5HNATfn-pfEXePzSfLVnjzzkg6_30
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 66941
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 02:34:36 GMT
server: cloudflare
etag: "d7e9ab16199dd3421c7d808f4a70a614"
vary: Origin, Accept-Encoding
x-goog-generation: 1700534076201177
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=4SZcaA==, md5=1+mrFhmd00IcfYCPSnCmFA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 66941
accept-ranges: bytes
cf-ray: 829628a1ec679022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 HhlGuuPS-pp-cms-L-8.jpg
media.buletintv3.my/2023/01/ 153 KB
153 KB 429ms
402ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/01/HhlGuuPS-pp-cms-L-8.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0454cfc7f71698fac8a75099892c06562e78686ff9de5e70f10e073b78cdf927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPrPxMPEt_TOAAlOKraXPPeS1kihTsKsb43GtTvguP_PbNtfWjhjqOBgUUBR3b2FC7t8dOo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 156468
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jan 2023 02:14:27 GMT
server: cloudflare
etag: "6b474f414335b6c14545d08770ee5e35"
vary: Origin, Accept-Encoding
x-goog-generation: 1673403267086524
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=mcH10w==, md5=a0dPQUM1tsFFRdCHcO5eNQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 156468
accept-ranges: bytes
cf-ray: 829628a1ec659022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 MV87Artt-BULETIN-TV3-24.jpg
media.buletintv3.my/2023/11/ 97 KB
98 KB 420ms
394ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/MV87Artt-BULETIN-TV3-24.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee2a7af002ef975a144e713054348c5651db5c926fdeb141a194dd4d5b413dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPrnaeV8za7sBE48JNG8YfbaKNTuaWGi7FzS3nlSMaVZAw9m62ym5YzE8jrlYRlcXeagfltlKZI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 99532
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 06:44:39 GMT
server: cloudflare
etag: "e43f9fbc972a5a0d9e287500fe7ec2ed"
vary: Origin, Accept-Encoding
x-goog-generation: 1700462679250597
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=vJmjqQ==, md5=5D+fvJcqWg2eKHUA/n7C7Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 99532
accept-ranges: bytes
cf-ray: 829628a1ec629022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 5wMghGYu-BULETIN-TV3-8.jpg
media.buletintv3.my/2023/11/ 123 KB
123 KB 420ms
394ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/5wMghGYu-BULETIN-TV3-8.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e0e5527edc4ac1047d0eaa2b8d57d9209f2479a285be54824929bb677548dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqNiVdrU53PZj18T7vS_ocxzTT8AGmlCEHUMDA7O-rLQnaDqtDmeMFTwtUQZ_42A0Ly4Nk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 125524
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 01:36:35 GMT
server: cloudflare
etag: "4facd4db2e6161895099768dd1c01a4e"
vary: Origin, Accept-Encoding
x-goog-generation: 1700530595821100
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=/sp67A==, md5=T6zU2y5hYYlQmXaN0cAaTg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 125524
accept-ranges: bytes
cf-ray: 829628a1ec5e9022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 DEWAN-RAKYAT.jpg
media.buletintv3.my/2023/06/ 106 KB
107 KB 417ms
391ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/06/DEWAN-RAKYAT.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67544f2e1cc5b1d90f2214040fbd4b8a8f5a7a4126e8958ea750bc4992a47e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=113061, status=vary_header_present
x-guploader-uploadid: ABPtcPpBFoyYJs2ZWA8F278RV1Jkxi95OKDnH33-Go3jfNNluePVHSMalyosSydcZl2wzrkEhDk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 108889
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Thu, 15 Jun 2023 09:37:09 GMT
server: cloudflare
etag: "19e80f92fb39dafda206955e94216927"
vary: Origin, Accept-Encoding
x-goog-generation: 1686821829040049
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=M/xmkg==, md5=GegPkvs52v2iBpVelCFpJw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 113061
accept-ranges: bytes
cf-ray: 829628a1ec609022-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 IcXMm0PH-BTV3-WORK-1.jpg
media.buletintv3.my/2023/11/ 60 KB
61 KB 423ms
420ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/IcXMm0PH-BTV3-WORK-1.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90082b352225bc9d0f5fc05da1141ab7d9a7744ff88fadaac6fad1813ae5a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=64586, status=vary_header_present
x-guploader-uploadid: ABPtcPrM9nXX3Dk1OPmmE6nx2kXnRiD514zIoXFDgXM8aSzHacFYw0zCJIJyZKb0WkUZ5oOcdI0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61775
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 07:53:41 GMT
server: cloudflare
etag: "e9e8464135b292d65afd01cc619ab5b4"
vary: Origin, Accept-Encoding
x-goog-generation: 1700380421822045
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=fCtTCQ==, md5=6ehGQTWyktZa/QHMYZq1tA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 64586
accept-ranges: bytes
cf-ray: 829628a268f63813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 BntSTOs1-BTV3-WORK.jpg
media.buletintv3.my/2023/11/ 65 KB
65 KB 464ms
461ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/BntSTOs1-BTV3-WORK.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c264f82677f9292cc031771999d6bc18495e598eaf271c003c7e5c97ae19bd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=69013, status=vary_header_present
x-guploader-uploadid: ABPtcPo5mCak-Rzm7KkykLpn5107hGQJbaKZQm4ZI27LaTbtMHy3ieHqSSv9lLHDt_H7Uy3eIjw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 66062
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 07:51:15 GMT
server: cloudflare
etag: "bff19282f980b35d209d351ab243236a"
vary: Origin, Accept-Encoding
x-goog-generation: 1700380275163320
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=PUnAeQ==, md5=v/GSgvmAs10gnTUaskMjag==
cache-control: public, max-age=3600
x-goog-stored-content-length: 69013
accept-ranges: bytes
cf-ray: 829628a268f73813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 f82yWym8-BULETIN-TV3-62.jpg
media.buletintv3.my/2023/11/ 134 KB
135 KB 503ms
500ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/f82yWym8-BULETIN-TV3-62.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3faf853c2873e245c02fab0081e6026151ff532a2f0e6e589613aca4ca7aaf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=143853, status=vary_header_present
x-guploader-uploadid: ABPtcPpm6bsCajaNhZRt087Hu5xMcKoOy2fQXE-CUMUDs_kNLzzSLCxQN3K76zxIgmze1-mBOKx1hF7mgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 137277
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 07:41:32 GMT
server: cloudflare
etag: "b42aa64f575fd499de89fba8fc98c26a"
vary: Origin, Accept-Encoding
x-goog-generation: 1700379692894828
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=jNjy3g==, md5=tCqmT1df1Jneifuo/JjCag==
cache-control: public, max-age=3600
x-goog-stored-content-length: 143853
accept-ranges: bytes
cf-ray: 829628a268f93813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 7za7exeU-CMSS.jpg
media.buletintv3.my/2023/11/ 148 KB
149 KB 1301ms
1298ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/7za7exeU-CMSS.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed51edabd51f121744898d4e628b8265ba59da0fbd5af5c1a72bb3f1988227f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPpiVeDRJ6PE_QfXXs_022WOrvwEBGcMc7ZpNF5J8js7NPU5jLoyytKEPZjfIeOeZscZMcM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 151950
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Nov 2023 07:52:14 GMT
server: cloudflare
etag: "d178340a4a7425de508cc4c8fd823b0c"
vary: Origin, Accept-Encoding
x-goog-generation: 1699948334865240
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=K15ILw==, md5=0Xg0Ckp0Jd5QjMTI/YI7DA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 151950
accept-ranges: bytes
cf-ray: 829628a268fa3813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 MONA-FENDI-1.jpg
media.buletintv3.my/2023/11/ 395 KB
396 KB 1318ms
1315ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/MONA-FENDI-1.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b08feaf1c16ee3f37db073e611c99f7340efa4530c3b1360c6cea0d045e72ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=432646, status=vary_header_present
x-guploader-uploadid: ABPtcPooDDbi2xJgo7eDL_5UxjXWLhs2uivLr5ltX8MkKgXzu87nrRjr48n_ODEFLwmXs4xdF7g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 404775
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 Nov 2023 07:35:13 GMT
server: cloudflare
etag: "5125d90faaacee491856bce92e0287ee"
vary: Origin, Accept-Encoding
x-goog-generation: 1699428913154883
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=yVx8Mw==, md5=USXZD6qs7kkYVrzpLgKH7g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 432646
accept-ranges: bytes
cf-ray: 829628a268fb3813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 JhfIDJJa-BULETIN-TV3-14.jpg
media.buletintv3.my/2023/11/ 78 KB
79 KB 541ms
538ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/JhfIDJJa-BULETIN-TV3-14.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e86a2ece5692ebb6ae47a4ffc9ff35ec1171867ca20d6a4c73bbcbff1cc481a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqLl7M_75ZoHJA3WSLiO2dziqn7K10jMqN2o-kJbeQrdqIdubQ2aQnA5QBPYONsx1wnNPE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 80025
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 10:02:53 GMT
server: cloudflare
etag: "18ca25b730cf108cdaac89830910fa82"
vary: Origin, Accept-Encoding
x-goog-generation: 1698832973489220
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=2fipcQ==, md5=GMoltzDPEIzarImDCRD6gg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 80025
accept-ranges: bytes
cf-ray: 829628a268fc3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/wTxwVM72eoU/ 209 KB
209 KB 294ms
188ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wTxwVM72eoU/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

054a3be83c428d1d7eebd8a0c280c25d8cc38aaa88b8ff24cd970ffbfc0239cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214115
x-xss-protection: 0
server: sffe
etag: "1700529006"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/nAjkszo6Cw8/ 162 KB
162 KB 360ms
254ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nAjkszo6Cw8/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc6f66ba1e45880dadc9eb9aef569dbe898b90c9d5692f56c3c8406a8a4c086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165790
x-xss-protection: 0
server: sffe
etag: "1700528921"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/i53gZv_VSwM/ 101 KB
101 KB 350ms
244ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/i53gZv_VSwM/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4782513408b20f59c0d82a456a0dc21137103a3b92fdd7ea3322c566aa3a674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103360
x-xss-protection: 0
server: sffe
etag: "1700528889"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/L_yLXfEmTns/ 166 KB
166 KB 315ms
210ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/L_yLXfEmTns/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c3ca79a01bcd2463210b2ebc35761eedbf2dcf7341626efc93b19f5277461a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170022
x-xss-protection: 0
server: sffe
etag: "1700528861"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/D9rZ9LfKM7c/ 102 KB
102 KB 338ms
232ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D9rZ9LfKM7c/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96313211d7bf074cdb4c8054501cba3e02ef2a6e87df9701aced5e8c72eb42e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104748
x-xss-protection: 0
server: sffe
etag: "1700528838"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/mOIvw36fxdQ/ 94 KB
95 KB 160ms
54ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/mOIvw36fxdQ/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

307a124700705d26faf7fd71e4041eda45bd350cc71f3524e63f57eac42fc62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96612
x-xss-protection: 0
server: sffe
etag: "1700488015"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/r7913ULQVuw/ 116 KB
116 KB 145ms
144ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/r7913ULQVuw/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19937e0104eab4f38307ebe257f186669e452de812509e52b71e5b915a8a629d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119064
x-xss-protection: 0
server: sffe
etag: "1700487946"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/XoI2H4w3MCo/ 138 KB
138 KB 256ms
255ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XoI2H4w3MCo/maxresdefault.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d35e91a0ab25ac7ed62dccdc96c0d2bf6c72112ab3a4f04c6e8ba5984c74e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141536
x-xss-protection: 0
server: sffe
etag: "1700487339"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 04:28:41 GMT

GET
H3 200 WJqbBbvd-BTV3-WORK-2.jpg
media.buletintv3.my/2023/11/ 73 KB
73 KB 1314ms
1311ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/WJqbBbvd-BTV3-WORK-2.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab2f7936ce9fb0528675b3cc5d51dc1c91c8b0b40971efaf4970fc6436cf951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=76839, status=vary_header_present
x-guploader-uploadid: ABPtcPoDkiaIIJb-QNmVjcw8kdEbaf2CFY7FEGSTgQhPBhFvieTaqbcnt_Hm2AUo8PI5ccuD_ak
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 74381
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 13:45:47 GMT
server: cloudflare
etag: "345b25f152cb9ba9cdca6ed881d6e42b"
vary: Origin, Accept-Encoding
x-goog-generation: 1700401547599697
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=d0cgHA==, md5=NFsl8VLLm6nNym7YgdbkKw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 76839
accept-ranges: bytes
cf-ray: 829628a268fd3813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 Gx4UfzfM-BULETIN-TV3-60.jpg
media.buletintv3.my/2023/11/ 68 KB
69 KB 543ms
540ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/Gx4UfzfM-BULETIN-TV3-60.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0a0db1c32dd0055986495d5be1c0f0a9cab0a0326489460cb5368da88dd9962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=72087, status=vary_header_present
x-guploader-uploadid: ABPtcPrKEvYGcgVoysKSemARCvlSryq6_KJYmZXZqZzu1d5VVdHsbmsH_-Ml11w4gz20jshxrRu94b4OjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 69635
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 07:31:47 GMT
server: cloudflare
etag: "a7d04e614c7d99dbc3a4976e40ed0526"
vary: Origin, Accept-Encoding
x-goog-generation: 1700379107493072
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=FEU4fg==, md5=p9BOYUx9mdvDpJduQO0FJg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 72087
accept-ranges: bytes
cf-ray: 829628a268fe3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 C52oC0dP-BULETIN-TV3-46.jpg
media.buletintv3.my/2023/11/ 105 KB
106 KB 2288ms
2286ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/C52oC0dP-BULETIN-TV3-46.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870a1110a4926700f852dc48399542a32c8f6fbf774778de6fe180b747f30c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqG3zZ5apTuNZ79-_8AC9ya2lh1oo6KWhOyelz-E7cwv3KHS14T3BBMaiglpexWtnSAk79A3Bm1_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 107601
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Nov 2023 05:13:06 GMT
server: cloudflare
etag: "c971f43fe125f2939cd0f73a7c13bfab"
vary: Origin, Accept-Encoding
x-goog-generation: 1700370786283195
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=jO8ZHw==, md5=yXH0P+El8pOc0Pc6fBO/qw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 107601
accept-ranges: bytes
cf-ray: 829628a268ff3813-FRA
expires: Tue, 21 Nov 2023 05:23:43 GMT

GET
H3 200 NPuYkX0c-BULETIN-TV3-33.jpg
media.buletintv3.my/2023/11/ 59 KB
59 KB 544ms
542ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/NPuYkX0c-BULETIN-TV3-33.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e4c71053dd24543ce9d874c54f767c0452da6925f19f209f009f5ff19e29bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=62059, status=vary_header_present
x-guploader-uploadid: ABPtcPoiEnmrWqHg-vqLjgOiEHRA4z3xVGUeOxCXbPPg8zT7DZnhnpLPE5h-_uBT7x5DWuv3gSw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 60068
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Nov 2023 03:35:54 GMT
server: cloudflare
etag: "01d050121d7710af96227d7033383d4f"
vary: Origin, Accept-Encoding
x-goog-generation: 1700364954822787
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=pZg8bA==, md5=AdBQEh13EK+WIn1wMzg9Tw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 62059
accept-ranges: bytes
cf-ray: 829628a269013813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 KdY4ooop-BULETIN-TV3-1.jpg
media.buletintv3.my/2023/11/ 129 KB
130 KB 1315ms
1312ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/KdY4ooop-BULETIN-TV3-1.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9dda51d4f414255e9a9c329113dde2345a6284fd7b47f9fcd245ca9169eb43c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=139583, status=vary_header_present
x-guploader-uploadid: ABPtcPoCkLG3Q6_SfnDy2yMtYEmhY__UkpyC-P2O6DDs9QybAfQdhiZKtDA-PoZzWzPdaqdH-zow6wM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 132075
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 00:02:11 GMT
server: cloudflare
etag: "506bde9a32436794de1b33b7a0efd825"
vary: Origin, Accept-Encoding
x-goog-generation: 1700524931317168
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=VAWbCA==, md5=UGvemjJDZ5TeGzO3oO/YJQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 139583
accept-ranges: bytes
cf-ray: 829628a269023813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 4GT7KsZ5-NEW-PP-CMS.jpg
media.buletintv3.my/2023/11/ 124 KB
124 KB 580ms
577ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/4GT7KsZ5-NEW-PP-CMS.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebaa7afc988e5734efa43b9b6ebea3020bcb07a993f120355c91c4af985ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoPViQjFx2VsNpnDOti_gI5XXW8CJE-YdVcD7HHQXMDpP8Qoww2gxOSbVfC4QpH6WuzKrs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 126550
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 12:48:41 GMT
server: cloudflare
etag: "e5779ad9e9981f3f5c22bd605cdcec87"
vary: Origin, Accept-Encoding
x-goog-generation: 1700484521761554
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=W/OqvA==, md5=5Xea2emYHz9cIr1gXNzshw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 126550
accept-ranges: bytes
cf-ray: 829628a269033813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 oQQppTsE-BTV3-WORK-23.jpg
media.buletintv3.my/2023/11/ 41 KB
42 KB 1343ms
1340ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/oQQppTsE-BTV3-WORK-23.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3aceaf54fd11a2b48e6a368c83f5116e6913f1a2b9fa6257db97f6a524a79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=45503, status=vary_header_present
x-guploader-uploadid: ABPtcPoTHUtnW9KLbljuoMfjPyvUGNYaGkV9-42ByvFwW169o3XuA6310uwp-SFd4SQ1GXFt7gE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42107
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Nov 2023 12:39:05 GMT
server: cloudflare
etag: "40ff666f1766e696e69e6fc7e76a8a98"
vary: Origin, Accept-Encoding
x-goog-generation: 1700483945969732
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=XxYjDA==, md5=QP9mbxdm5pbmnm/H52qKmA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 45503
accept-ranges: bytes
cf-ray: 829628a269043813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 CMS-PPZ-16.jpg
media.buletintv3.my/2023/01/ 44 KB
44 KB 1094ms
1091ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/01/CMS-PPZ-16.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

609b1e47b47f2f319c93307e295c7f734f7398b8db7e97ff9eae80fe16bbc63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoms0y_FG8KANcEoxE3yvHFo9kMsDyVMn8T6IFALPK-yH8Yjq9vLvhrzpiZphlTN8fNlKs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 44776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Jan 2023 10:10:41 GMT
server: cloudflare
etag: "61a0db484b51c0209ebdbf9f7abc9def"
vary: Origin, Accept-Encoding
x-goog-generation: 1672654241229772
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=EoH3sw==, md5=YaDbSEtRwCCevb+feryd7w==
cache-control: public, max-age=3600
x-goog-stored-content-length: 44776
accept-ranges: bytes
cf-ray: 829628a269053813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 uE4xKfD8-BTV3-WORK-8.jpg
media.buletintv3.my/2023/11/ 62 KB
62 KB 583ms
580ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/uE4xKfD8-BTV3-WORK-8.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bcc85558ba35b51c637311b876869751dd89de1db3377c715197552e1bf55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=65290, status=vary_header_present
x-guploader-uploadid: ABPtcPpJ5igRI5FcgYX8DSLDTW-uqazRcExtHAR-ddTNRFDHU88-CLl7k8TPNU9Qm8MPeOKG4fc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 63228
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Nov 2023 15:56:02 GMT
server: cloudflare
etag: "51eb35392c759cdcc949c2bcad7cc7d2"
vary: Origin, Accept-Encoding
x-goog-generation: 1700495762002903
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=3AfA/A==, md5=Ues1OSx1nNzJScK8rXzH0g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 65290
accept-ranges: bytes
cf-ray: 829628a269063813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 pf3NRufF-BTV3-WORK-1.jpg
media.buletintv3.my/2023/11/ 82 KB
82 KB 1290ms
1287ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/pf3NRufF-BTV3-WORK-1.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28fc24d827dec681132334e2a9a0f1bebbc52cdeff97ab711e38226662e00c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqgOHxT3lshX4klotAIXaTJUEY2Y2JqzU6BUuJe0_QCHE75wJaJiP29TcbRWOd4qxruE8o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 83562
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 14:46:49 GMT
server: cloudflare
etag: "1e3dbfceba1892f1b6cd06fb0a44260f"
vary: Origin, Accept-Encoding
x-goog-generation: 1700491609562032
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=Aq6vKQ==, md5=Hj2/zroYkvG2zQb7CkQmDw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 83562
accept-ranges: bytes
cf-ray: 829628a269073813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H3 200 Ji7LdwGM-BTV3-WORK-19.jpg
media.buletintv3.my/2023/11/ 104 KB
105 KB 584ms
581ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/Ji7LdwGM-BTV3-WORK-19.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7b01ec2de5d6dcba8437f7b220e1730efedcf321c78832a3b5a4fbbd509f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoTDMSxxd9lFuuvrYIK6A5r09MQ_0hcU6krHdCxfXmz_Y3ifNdictAYxyoyFOOnVTVbFx_F7C4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 106509
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 12:07:12 GMT
server: cloudflare
etag: "cc83245eac419a7ec6ff2325540a68b6"
vary: Origin, Accept-Encoding
x-goog-generation: 1700482032822060
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=YpU3NA==, md5=zIMkXqxBmn7G/yMlVApotg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 106509
accept-ranges: bytes
cf-ray: 829628a269093813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 PQLkv3MY-BTV3-WORK-15.jpg
media.buletintv3.my/2023/11/ 105 KB
106 KB 2234ms
2231ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/11/PQLkv3MY-BTV3-WORK-15.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05da67e77101eb55bb45ed769e729644573f7a19a67905b1abe4b556a5cfe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqr0_g8vgXqdYp6trGllMfUm9DqhciDqYysatsd8JuTj0hU_40db2t3fOzMjdIK1upB_EI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 107723
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 10:52:48 GMT
server: cloudflare
etag: "2bd8dff55178cc1dc7d761f8f32d99e2"
vary: Origin, Accept-Encoding
x-goog-generation: 1700477568338840
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=VxkdeA==, md5=K9jf9VF4zB3H12H48y2Z4g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 107723
accept-ranges: bytes
cf-ray: 829628a2690b3813-FRA
expires: Tue, 21 Nov 2023 05:23:43 GMT

GET
H3 200 b5W5T4Xh-CMS-PPZ-34.jpg
media.buletintv3.my/2023/01/ 61 KB
62 KB 586ms
584ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/01/b5W5T4Xh-CMS-PPZ-34.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58509914fa12bcd1629aec901f6b62de6c34211913e95039d44b6bc789645c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPp35erYCsd_0YLwEy0I41gj67E5M0oMo_YzYSWIbl8kMHSaJfV8sGeHOzL4vYB2d5_Qh4MEiPgGMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 62821
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Jan 2023 06:55:12 GMT
server: cloudflare
etag: "e8edbb23e990dc1a35daf0ef7928124a"
vary: Origin, Accept-Encoding
x-goog-generation: 1674802512672167
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=vNXUMw==, md5=6O27I+mQ3Bo12vDveSgSSg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 62821
accept-ranges: bytes
cf-ray: 829628a2690c3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 pWnrspMZ-PP-CMS-14.jpg
media.buletintv3.my/2022/11/ 110 KB
110 KB 591ms
589ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2022/11/pWnrspMZ-PP-CMS-14.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8dcfa77128404119f28eb65c03a9ec7e7251aac5075f6d3b2e1a770ba80f372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPpZDLtQcP_BLd84PFh7F39KjdIYkf__g64m7lul6KEmMpQQNk6TQDaXzJRgGXh6x4MYBW0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 112218
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Nov 2022 02:53:33 GMT
server: cloudflare
etag: "415812b6fc10bca5082ca712c60a2cb3"
vary: Origin, Accept-Encoding
x-goog-generation: 1669172013076253
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=YIEHdQ==, md5=QVgStvwQvKUILKcSxgossw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 112218
accept-ranges: bytes
cf-ray: 829628a2690d3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 WZsZ04Dl-pp-cms-30.jpg
media.buletintv3.my/2023/01/ 203 KB
203 KB 623ms
620ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2023/01/WZsZ04Dl-pp-cms-30.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b9dd60afd8ed654d252022546b514ca6bf7d8f2072e34018e54798a4fb0341d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPrc5Kzh6pRJFlUfOCB0nqaiPojFz_1WBDY_U7j8lx-xZPm0YVUAV8C8zIlmzlyoxGNM96RZc24
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 207608
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Jan 2023 04:42:29 GMT
server: cloudflare
etag: "28a65312399edaaf8da939ab4f5c635e"
vary: Origin, Accept-Encoding
x-goog-generation: 1672807349432027
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=J48sAg==, md5=KKZTEjme2q+NqTmrT1xjXg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 207608
accept-ranges: bytes
cf-ray: 829628a2690e3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 yyA9Bmbt-pp-cms-40.jpg
media.buletintv3.my/2022/10/ 124 KB
125 KB 1275ms
1272ms Image
image/jpeg 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.buletintv3.my/2022/10/yyA9Bmbt-pp-cms-40.jpg

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1900b144fc905f8c8e049e865d72edfb4c6337fc6fe8e371857b72ff770fcb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=132195, status=vary_header_present
x-guploader-uploadid: ABPtcPq7VSELAmSVBQPwd_lt2MQIf6M_e3e5BYOq_0mdZEui8V-xiDPk584gO0SDgZ612SMowWYcGapvKQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 126865
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Oct 2022 05:48:53 GMT
server: cloudflare
etag: "90040a0208c6a3a17668aa0083330d69"
vary: Origin, Accept-Encoding
x-goog-generation: 1666244933831079
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=1pSjww==, md5=kAQKAgjGo6F2aKoAgzMNaQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 132195
accept-ranges: bytes
cf-ray: 829628a2690f3813-FRA
expires: Tue, 21 Nov 2023 05:23:42 GMT

GET
H2 200 impl.20231120-17-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 41ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-buletintv3/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4fc32e6fc403d791b614e173174cf80dfabf2c4a9fd3e4f8c58134c19a1248e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: wN9atD7Kl1ivG9gEZ1nbtxcXcwmI_1st
content-encoding: br
via: 1.1 varnish
date: Tue, 21 Nov 2023 04:23:41 GMT
x-amz-request-id: 5G4WJZ8W2668NREB
age: 26277
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173711
x-amz-id-2: WREpH12MsxvDubDmNAQw2KtIH/9hfjMcISvRsfzP90g1nVxSkTiCoHf9oXQa5DU1+48ttMoT2eY=
x-served-by: cache-fra-eddf8230076-FRA
last-modified: Mon, 20 Nov 2023 13:04:46 GMT
server: AmazonS3-br
x-timer: S1700540621.202645,VS0,VE0
etag: "3863cf084beb457b7c5a89cd8e740794"
vary: Accept-Encoding
content-type: application/javascript
abp: 19
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 35712

GET
H2 200 258342073397388 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/258342073397388?v=2.9.138&r=stable&domain=www.buletintv3.my

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

221ab0ed2077199a1983385a319624a684c5d0a68bd5ee5a96ce03859453262e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 04:23:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FLeEVB2z3U71/BF5BxjBUNK2UfxU+pQOx1x0qROuF5C0G7TZTHFr0X4+7VxFUgXebKVdQFnr/JXNAz+ykQdYlA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
103 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPKXSKC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc484c880095d9231f38a354bec386b19509494e0d4d26e091e217e0aee01aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 04:23:41 GMT

GET
H2 200 heartbeat.min.js Show response
heartbeat.mediaprimaplus.com.my/ 110 KB
39 KB 502ms
383ms Script
application/javascript 2606:4700:4400::ac40:98c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPKXSKC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:98c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-guploader-uploadid: ABPtcPoPBxXoVxlbfm4cL5iAjHph8SlUVxnPZ-sFiTFw8WldNDVXMaxf59lG2Zo1o0mA9pr7_xZOLb3dvw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 04:04:50 GMT
server: cloudflare
etag: W/"5f725977c0ffda5b4f37aba4a56c9b6c"
x-frame-options: SAMEORIGIN
x-goog-generation: 1691985890041510
content-type: application/javascript
x-goog-hash: crc32c=JcAjSg==, md5=X3JZd8D/2ltPN6ukpWybbA==
cache-control: no-store
x-goog-stored-content-length: 112773
cf-ray: 829628a3ae1a914c-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 139ms
46ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 241444
expires: 60

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6034955/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

41ms
41ms

Script
application/javascript

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 10:14:29 GMT
content-encoding: gzip
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 65365
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: LCZH-9FObZqb0NIJ38pKfyF_auQFAf5_tAcco4MvVu0aW3HHxQY9Rg==

Redirect headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 4sfJJ8x4lLquDvHNCYKAA9TdYFQE0CMIlCAV3ui3vR5ercasPHwTUg==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15102/ 59 KB
18 KB 150ms
46ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15102/lt.min.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 005508497953718c5c5f765c3ec6bf8c7a8ae3acbeb4b362e1c6f3ce0deec255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:39:47 GMT
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Mon, 18 Sep 2023 05:21:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 67434
x-amz-server-side-encryption: AES256
etag: W/"f2c24a35c53ad1770d2b84d1f6afdab5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: New2ghJQJdgYPGg2IwALhElAK0ciL1V-JHVTvC1pNPYhoLL15NgCMg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 151ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b659e725fdf3852a3fbff8a729431fa628cdb64f133723f18be537976d66987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30648
x-xss-protection: 0
server: cafe
etag: 596 / 19682 / 31079744 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 04:23:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-110467741-34

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa02c02055d229edaa708ea1757e126d24ea4fd3def740c5437365b2604cf57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64684
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 04:23:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-110467741-34&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPKXSKC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bec89b89be6ef6fc3b3dbaf901774024e52f315a9e327623f0e51f267d73dac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64679
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 04:23:41 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 90 KB
24 KB 196ms
40ms Script
application/javascript 184.31.93.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-93-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ff2819f882317412b7579aefcdf767d51b5e4f1e231dbc9e50aeefde4507eede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: cjy03xRwzptr4f4YrsrLsskJ9RIDUy3h
content-encoding: br
date: Tue, 21 Nov 2023 04:23:41 GMT
last-modified: Mon, 30 Oct 2023 00:55:21 GMT
server: nginx
x-amz-request-id: 17EZVTRYJ4VDVPX6
etag: W/"6c78c7dbc348c9a011a7719cb56245a2"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=59496
content-length: 24209
x-amz-id-2: YbmTYaGEJ32PQd4GIvwvCMRn3oD0Wj+kmZ7k4MtC28ARe5Yp/4DppmtIme1Cph3PlNstP4C8Xc4=

GET
H3 200 trending-posts.json Show response
media.buletintv3.my/json/chartbeat/ 3 KB
1 KB 1033ms
988ms XHR
application/json 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.buletintv3.my/json/chartbeat/trending-posts.json

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/71-9693e3c4295aa092.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe2cfc6c4727fe4361216d1b282bcbc9150db96cfc6c879923eb0c3423b1aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-guploader-uploadid: ABPtcPobQ90_Q2kjaUFyRoGb2ap7cjWvcsmVrSydqlACzQwZrOXQOSIiKu10SN-r6nkmhA_zJ1_BU7uQxA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 04:00:07 GMT
server: cloudflare
etag: W/"429d97ce59fc371463f05bc0fc5d0fb3"
vary: Origin
x-goog-generation: 1700539207903374
content-type: application/json
access-control-allow-origin: https://www.buletintv3.my
x-goog-hash: crc32c=McSgWw==, md5=Qp2Xzln8NxRj8FvA/F0Psw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 2672
x-frame-options: SAMEORIGIN
cf-ray: 829628a47f042c27-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H3 200 popular-posts.json Show response
media.buletintv3.my/json/chartbeat/ 15 KB
4 KB 95ms
64ms XHR
application/json 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.buletintv3.my/json/chartbeat/popular-posts.json

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/71-9693e3c4295aa092.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caff589d0a313eef2a28cc472e706daf3e9e8e2972aebcf50a5ab79668e21f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1123
x-guploader-uploadid: ABPtcPq9psuBopmK2CVSj6jKTXBAxk82vkYIoexqCOPOW2-Id6AuoYoVG_GfBgt7n8cQi8VpKfM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 16:00:30 GMT
server: cloudflare
etag: W/"469e40a037a9e3dfd17cc9eb890e0109"
vary: Origin
x-goog-hash: crc32c=J8atXA==, md5=Rp5AoDep49/RfMnriQ4BCQ==
x-goog-generation: 1700496030024349
content-type: application/json
access-control-allow-origin: https://www.buletintv3.my
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 15797
x-frame-options: SAMEORIGIN
cf-ray: 829628a47f032c27-FRA
expires: Tue, 21 Nov 2023 05:04:58 GMT

GET
H3 200 244.fb92b3896325690f.js Show response
www.buletintv3.my/_next/static/chunks/ 79 KB
23 KB 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/244.fb92b3896325690f.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/webpack-a704ccee42a16adf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

197b913b18766d7708f98eaddd890ef50ee717d1f059f0e4a16aeda0eb9c74b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 36368
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"13b9b-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a46a893813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 worker-new.html Show response
buletintv3.api.useinsider.com/ Frame 4265 10 KB
3 KB 82ms
81ms Document
text/html 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buletintv3.api.useinsider.com/worker-new.html
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-cache-status: HIT
cf-ray: 829628a539a965b4-FRA
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 04:23:41 GMT
expires: Tue, 05 Dec 2023 04:23:41 GMT
last-modified: Mon, 20 Nov 2023 09:34:44 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 203-e9ccb12eb5a1a6b3.js
www.buletintv3.my/_next/static/chunks/ 0
3 KB 146ms
145ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/203-e9ccb12eb5a1a6b3.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41439
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"219c-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a55afe3813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H3 200 berita-terkini-5bc2a110c5b6db2f.js
www.buletintv3.my/_next/static/chunks/pages/ 0
2 KB 147ms
145ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/berita-terkini-5bc2a110c5b6db2f.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21781
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"14d2-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a56aff3813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H3 200 %5Bcategory%5D-27c28fc7e1309c7b.js
www.buletintv3.my/_next/static/chunks/pages/ 0
2 KB 147ms
146ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D-27c28fc7e1309c7b.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21781
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"14a9-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a56b003813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H3 200 509-b62a0a2fee95a2a1.js
www.buletintv3.my/_next/static/chunks/ 0
12 KB 147ms
146ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/509-b62a0a2fee95a2a1.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 17403
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"839b-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a56b013813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H3 200 87-9a4d8193ef271a76.js
www.buletintv3.my/_next/static/chunks/ 0
6 KB 147ms
146ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/87-9a4d8193ef271a76.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49290
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"4636-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a56b023813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H3 200 %5B...params%5D-12de001ee4988d2e.js
www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D/ 0
840 B 148ms
147ms Other
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D/%5B...params%5D-12de001ee4988d2e.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 22133
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"43f-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a56b033813-FRA
expires: Wed, 20 Nov 2024 04:23:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 121ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=258342073397388&ev=PageView&dl=https%3A%2F%2Fwww.buletintv3.my%2F&rl=&if=false&ts=1700540621647&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700540621646.1948244316&ler=empty&it=1700540621208&coo=false&rqm=GET

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 04:23:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 140ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WTLC2GCKZW&gtm=45je3b81v9118708698z89116590855&_p=1700540620971&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1702349986.1700540622&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700540621&sct=1&seg=0&dl=https%3A%2F%2Fwww.buletintv3.my%2F&dt=Utama%20%7C%20BULETIN%20TV3%20Malaysia&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&ep.article_author=n%2Fa&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.pagetype=website&ep.keyword_list_hit_scope=Nasional%2CPolitik%2CMahkamah%2CJenayah%2CDetik%20Niaga%2CLuar%20Negara%2CSukan%2CGaya%20Hidup%2CTragedi%2CTV3%2CBuletin%20TV3&ep.article_id=n%2Fa&ep.site_name=Buletin%20TV3&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&tfd=3068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 150ms
49ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WTLC2GCKZW&cid=1702349986.1700540622&gtm=45je3b81v9118708698z89116590855&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11171003852/ 3 KB
2 KB 140ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11171003852/?random=1700540621697&cv=11&fst=1700540621697&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698z89116590855&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&auid=888688266.1700540622&uamb=0&uaw=0&data=event%3Dgtag.config%3Barticle_author%3Dn%2Fa%3Bpublication_date%3Dn%2Fa%3Bpublication_time%3Dn%2Fa%3Bpagetype%3Dwebsite%3Bkeyword_list_hit_scope%3DNasional%5C%2CPolitik%5C%2CMahkamah%5C%2CJenayah%5C%2CDetik%20Niaga%5C%2CLuar%20Negara%5C%2CSukan%5C%2CGaya%20Hidup%5C%2CTragedi%5C%2CTV3%5C%2CBuletin%20TV3%3Barticle_id%3Dn%2Fa%3Bsite_name%3DBuletin%20TV3%3Bmodified_date%3Dn%2Fa%3Bmodified_time%3Dn%2Fa&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73d422bb7447d222734ce252739eed14365961c23cd472a516ef3a167e05823c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1453
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 140ms
51ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WTLC2GCKZW&cid=1702349986.1700540622&gtm=45je3b81v9118708698z89116590855&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=346710789

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11171003852/ 3 KB
2 KB 150ms
57ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11171003852/?random=1700540621713&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cf71d5e1766f2cdc6525106960ad71e9a1907938abc2ed497918a8f964b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1612
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gantari-v1-latin-500.woff2
www.buletintv3.my/fonts/ 10 KB
10 KB 64ms
63ms Font
font/woff2 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/fonts/gantari-v1-latin-500.woff2

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0036a3aedc7e6bac50cf28a0d15a4457d9af7c8045ea728e0b7884c95f079dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buletintv3.my/_next/static/css/3f69c8ab67411d47.css
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 849084
alt-svc: h3=":443"; ma=86400
content-length: 9824
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 07:53:47 GMT
server: cloudflare
etag: W/"2660-18ba8c5f2f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-cloud-trace-context: 6cfa6ee1619a92e0be6f9c31a8131252
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 829628a63b8d3813-FRA
expires: Tue, 21 Nov 2023 05:23:41 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35183
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 19 Nov 2024 18:37:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110467741-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 03:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2043
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 21 Nov 2023 05:49:38 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 41ms
41ms Image
text/plain 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700540621838&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buletintv3.my%2F&c8=Utama%20%7C%20BULETIN%20TV3%20Malaysia&c9=
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: D40976G4HXimR3k8S_HpXMokspPdFoXWJzjuA4IpG9yJcQ2n4RcnSw==
x-cache: Miss from cloudfront

GET
H2 200 17005406219195b3e72e1c9.20eee7e6 Show response
segment.api.useinsider.com/v4/segments/ 927 B
796 B 180ms
83ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/17005406219195b3e72e1c9.20eee7e6?partnerid=10007866&fields=43bcb36890601490f2c2b022471d2ded,0595b5e2eaa3ff69840aeb96ce0f28ac&
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fade114f64a0e4029ed96b153546c337c71ffd703bd29302b4acca992fed986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 829628a7a8a08ff4-FRA

GET
H2 200 info.min.css
assets.api.useinsider.com/css/ 70 KB
6 KB 64ms
55ms Stylesheet
text/css 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/info.min.css

Requested by

Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7a64087eab9b9cd76e064cc9db4025d6661f9e4b0f2ecc2c8c9002d48f96a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63029
x-xss-protection: 1
pragma: public
last-modified: Mon, 20 Nov 2023 09:34:44 GMT
server: cloudflare
etag: W/"655b2834-119e6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 829628a72ad565b4-FRA
expires: Fri, 24 Nov 2023 04:23:41 GMT

GET
H2 200 info.js Show response
eitri.api.useinsider.com/static/ 54 KB
16 KB 61ms
53ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/info.js
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70938ce0aaef39ac2b9541aa7c536b7cc70ad8d52acd15bff80c2c04acc2d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:41 GMT
x-amz-version-id: N4orjr1MmUp6RAniKIIhgm2s_uF6GeTs
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 11:12:20 GMT
server: cloudflare
x-amz-request-id: WJ9ZZ7XZ37K9M5H1
age: 4232
etag: W/"b9eee8551bdcf4323c1d62078c517666"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 829628a72ad665b4-FRA
x-amz-id-2: 8Hy8dkjxc+w2rTZZyV5vqFvrwGWSgzitpviKSSPtCSNUOX2tP+8cQZBN0uveHOaODU/SO8zDmBg=
expires: Tue, 21 Nov 2023 04:53:41 GMT

GET
H2 200 / Show response
locationv2.api.useinsider.com/ 241 B
503 B 184ms
82ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://locationv2.api.useinsider.com/?v=2&pId=10007866&
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16eb21a30683813b277f9be26ea1e0ab9dadb588e5016170fce4738922046fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 829628a7bbb535f1-FRA

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
162 B 90ms
73ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInVzZXJJZCI6IjE3MDA1NDA2MjE5MTk1YjNlNzJlMWM5LjIwZWVlN2U2IiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiZVhZMWVXUnVZV3N0YVRNd2VpMWllbTFyTFdJM2RqVXRaemxuTlRreFltUjVlakE0WHpFM01EQTFOREEyTWpJPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcwMDU0MDYyMiIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImMxMiIsInR5cGUiOiJpbXByZXNzaW9uIiwib3RoZXIiOiIiLCJjdXN0b21TdWJJZCI6Ik4vQSIsInByb2R1Y3RUeXBlIjoiY3VzdG9tIn0%3D&t=cu&pn=buletintv3
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 829628a74aeb65b4-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 91ms
75ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInVzZXJJZCI6IjE3MDA1NDA2MjE5MTk1YjNlNzJlMWM5LjIwZWVlN2U2IiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiZVhZMWVXUnVZV3N0YVRNd2VpMWllbTFyTFdJM2RqVXRaemxuTlRreFltUjVlakE0WHpFM01EQTFOREEyTWpJPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcwMDU0MDYyMiIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImMxNCIsInR5cGUiOiJpbXByZXNzaW9uIiwib3RoZXIiOiIiLCJjdXN0b21TdWJJZCI6Ik4vQSIsInByb2R1Y3RUeXBlIjoiY3VzdG9tIn0%3D&t=cu&pn=buletintv3
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 829628a74ae865b4-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 86ms
73ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInVzZXJJZCI6IjE3MDA1NDA2MjE5MTk1YjNlNzJlMWM5LjIwZWVlN2U2IiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiZVhZMWVXUnVZV3N0YVRNd2VpMWllbTFyTFdJM2RqVXRaemxuTlRreFltUjVlakE0WHpFM01EQTFOREEyTWpJPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcwMDU0MDYyMiIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImMxNiIsInR5cGUiOiJpbXByZXNzaW9uIiwib3RoZXIiOiIiLCJjdXN0b21TdWJJZCI6Ik4vQSIsInByb2R1Y3RUeXBlIjoiY3VzdG9tIn0%3D&t=cu&pn=buletintv3
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 829628a74aea65b4-FRA
content-length: 42
content-type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/11171003852/ 42 B
455 B 139ms
51ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11171003852/?random=1700540621697&cv=11&fst=1700539200000&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698z89116590855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&data=event%3Dgtag.config%3Barticle_author%3Dn%2Fa%3Bpublication_date%3Dn%2Fa%3Bpublication_time%3Dn%2Fa%3Bpagetype%3Dwebsite%3Bkeyword_list_hit_scope%3DNasional%5C%2CPolitik%5C%2CMahkamah%5C%2CJenayah%5C%2CDetik%20Niaga%5C%2CLuar%20Negara%5C%2CSukan%5C%2CGaya%20Hidup%5C%2CTragedi%5C%2CTV3%5C%2CBuletin%20TV3%3Barticle_id%3Dn%2Fa%3Bsite_name%3DBuletin%20TV3%3Bmodified_date%3Dn%2Fa%3Bmodified_time%3Dn%2Fa&fmt=3&is_vtc=1&cid=CAQSGwDICaaN3Txf6VO1uPoaGOcsTbIgDqaHa9DlPA&random=4003912965&rmt_tld=0&ipr=y

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11171003852/ 42 B
154 B 55ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11171003852/?random=1700540621697&cv=11&fst=1700539200000&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698z89116590855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&data=event%3Dgtag.config%3Barticle_author%3Dn%2Fa%3Bpublication_date%3Dn%2Fa%3Bpublication_time%3Dn%2Fa%3Bpagetype%3Dwebsite%3Bkeyword_list_hit_scope%3DNasional%5C%2CPolitik%5C%2CMahkamah%5C%2CJenayah%5C%2CDetik%20Niaga%5C%2CLuar%20Negara%5C%2CSukan%5C%2CGaya%20Hidup%5C%2CTragedi%5C%2CTV3%5C%2CBuletin%20TV3%3Barticle_id%3Dn%2Fa%3Bsite_name%3DBuletin%20TV3%3Bmodified_date%3Dn%2Fa%3Bmodified_time%3Dn%2Fa&fmt=3&is_vtc=1&cid=CAQSGwDICaaN3Txf6VO1uPoaGOcsTbIgDqaHa9DlPA&random=4003912965&rmt_tld=1&ipr=y

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/11171003852/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypha...
https://www.google.com/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...
https://www.google.de/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...

42 B
64 B

57ms
56ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296WFIxaE9RaXdFbDdXdUs1dmVuWjBxUmdYaEMxdU50cTN6Y3BWQzc3WV9mNEEaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGhwTXlPMUlhLVY1bHg4R2VRUXFXdlJGWG9NZjc0Uk10Rmx1MXFtZ3BCNjBkR1NDbXhCaENLWSITCL-fw72f1IIDFYYk4AodFiUNiA&is_vtc=1&ocp_id=zTBcZf-EM4bJgAeWyrTACA&cid=CAQSKQDICaaNNPj7RofP6x-dnKX_ZLimRGgYIsWM5jwGlhVIsyz6eOQiAmuz&random=2215710728&ipr=y

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11171003852/?random=965585297&cv=11&fst=1700540621713&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9118708698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buletintv3.my%2F&label=lNMFCOrYoqUYEMz7384p&hn=www.googleadservices.com&frm=0&tiba=Utama%20%7C%20BULETIN%20TV3%20Malaysia&gtm_ee=1&auid=888688266.1700540622&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296WFIxaE9RaXdFbDdXdUs1dmVuWjBxUmdYaEMxdU50cTN6Y3BWQzc3WV9mNEEaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGhwTXlPMUlhLVY1bHg4R2VRUXFXdlJGWG9NZjc0Uk10Rmx1MXFtZ3BCNjBkR1NDbXhCaENLWSITCL-fw72f1IIDFYYk4AodFiUNiA&is_vtc=1&ocp_id=zTBcZf-EM4bJgAeWyrTACA&cid=CAQSKQDICaaNNPj7RofP6x-dnKX_ZLimRGgYIsWM5jwGlhVIsyz6eOQiAmuz&random=2215710728&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 147ms
54ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 359fe8129696f3762f598356bbf26ec7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 169ms
83ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 04:23:42 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 48ms
47ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 74722
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: J9OmQt9gMidWiOJmIH9bOvMBt-VL6sbVb4bDTRqSXEMd9L6tVUUbPg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 123ms
40ms Script
text/javascript 2600:9000:2250:9a00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 20 Nov 2023 10:03:28 GMT
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 66015
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: _2onJOohAtV03WLLgsuR6XFBc5ylzgQd9mc5fUxP4WSb_fFg1nD5iQ==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 108ms
38ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 23054
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 829628a7dc0744f2-TXL
expires: Fri, 24 Nov 2023 04:23:42 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 155 KB
34 KB 133ms
51ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 09:30:02 GMT
server: cloudflare
x-amz-request-id: A7X2EF4SWQ1P9GNG
age: 2367
etag: W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 829628a7fb032bbe-FRA
x-amz-id-2: FravNwdpM1ULD2h48Z2I8v5fZwAiOii/aRGtaOkI6bxqoa0NQTAGtt3DVPT9EDu+r5OPoSqMOcb0F6ksCpGq4w==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 134ms
50ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40713
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230058-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKR%2BMD86rmN0ij5%2Fno7CZKkGmfEk6MZUHLI32mRclN44Zid0zg64dNAq63OX29wK7iFPZz0so0gzfjTNTuejyVX6Iay1ThEaSOGfBwpCPWEuflnL%2FTPB8UYROMMfkZZkSEFcZbwVwbROsRp03%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829628a80d699b9a-FRA

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 133ms
41ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:17:52 GMT
content-encoding: gzip
age: 2369150
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 23 Oct 2024 18:17:52 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 362 KB
68 KB 471ms
470ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683336398780197&correlator=2280085239753352&eid=31079744%2C31078018%2C31079527&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=1009103%2CBUTV3_ROS_Billboard%2CBUTV3_ROS_MidRec%2CBUTV3_ROS_Billboard_b%2CBUTV3_ROS_MidRec_b%2CBUTV3_ROS_Billboard_c%2CBUTV3_ROS_Leaderboard%2CBUTV3_Andbeyond_Pixel%2CBUTV3_1x1%2CBUTV3_Outofpage%2CBUTV3_STO%2CBUTV3_1x1_Programmatic%2CBUTV3_Web_Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=970x90%7C970x250%7C728x90%2C300x250%2C970x90%7C728x90%2C300x250%2C970x90%7C728x90%2C728x90%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=9&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1700540621990&lmt=1700540621&adxs=315%2C1124%2C315%2C1124%2C315%2C436%2C0%2C0%2C0%2C0%2C0%2C-9&adys=174%2C288%2C1043%2C2507%2C3142%2C4095%2C0%2C0%2C0%2C0%2C0%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C0%7C0%7C0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.buletintv3.my%2F&vis=1&psz=1600x90%7C316x731%7C1600x893%7C316x587%7C1600x114%7C1600x114%7C1600x4353%7C1600x4353%7C1600x4353%7C1600x4353%7C1600x4353%7C0x-1&msz=1600x90%7C300x250%7C1600x90%7C300x250%7C1600x90%7C1600x90%7C0x0%7C1x-1%7C0x0%7C1x-1%7C1x-1%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=1600%2C300%2C1600%2C300%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&ga_vid=1702349986.1700540622&ga_sid=1700540622&ga_hid=862431784&ga_fc=true&dlt=1700540620941&idt=1004&prev_scp=pos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage%7Cpos%3Dlisting%26section%3Dhomepage&cust_params=lotauds%3D&adks=2175859%2C3491534626%2C2369889292%2C2589156488%2C3230393154%2C886251853%2C774082431%2C1194865626%2C3096280398%2C3904692243%2C3442964269%2C1318103144&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09cc1ba2f781bc94e2f489f366b7192c20d8b2e61cc579fea0170e23148ae406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70001
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2,-1,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2,-1,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.buletintv3.my
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B15 6 KB
3 KB 163ms
48ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:42 GMT
expires: Wed, 20 Nov 2024 04:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 39 KB
13 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl_page_level_ads.js?cb=31079744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35115
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13749
x-xss-protection: 0
server: cafe
etag: 15176684494565588641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 19 Nov 2024 18:38:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 47ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=862431784&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buletintv3.my%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Utama%20%7C%20BULETIN%20TV3%20Malaysia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1455781481&gjid=1256900505&cid=1702349986.1700540622&tid=UA-110467741-34&_gid=1585871901.1700540622&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1957812208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.24 Show response
buletintv3.api.useinsider.com/api/info/ 34 KB
8 KB 82ms
81ms XHR
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buletintv3.api.useinsider.com/api/info/11.24?pa=web-lead-collection&
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19762ac49693a81741f3d6ccf7a68ee30534192cfa3f733871e28716dfacce90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
x-amz-version-id: vPw1M1MAXRokrw1LtY0jJvidXkkexIW6
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 03:54:44 GMT
server: cloudflare
x-amz-request-id: RKCGZSEG130FV4G7
etag: W/"7933ebb286469eb959f49d48740bc514"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30
cf-ray: 829628a7fbe135f1-FRA
x-amz-id-2: dVPwMmD8RO406PjQxoJeVcoI4OjyMxan3SrGj+Fax594hZOxX9RKGkb3qEFaYCNuEatxDCUUg9g=
expires: Tue, 21 Nov 2023 04:24:12 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 170ms
42ms Script
application/x-javascript 2600:9000:2646:c000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:c000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 22:00:46 GMT
content-encoding: gzip
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 02:00:31 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 22976
etag: W/"655577bf-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Xk8ewODRNzXhEBWvSn3L7txQtkF_QE9V__Ri4G6Gfi6rfvv6sCT4Tw==
expires: Tue, 21 Nov 2023 22:00:46 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 183ms
57ms XHR
application/json 34.250.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1668cdb83aa3dbb53d682c8fef4d54f728e604ff94b1c213ebcbd64a93b3ab51

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache
x-server: 10.45.30.251
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 203-e9ccb12eb5a1a6b3.js Show response
www.buletintv3.my/_next/static/chunks/ 8 KB
3 KB 56ms
55ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/203-e9ccb12eb5a1a6b3.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3100d069f52a941686607d17afdd183c04eae277e27d68e1746192e181511a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41440
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"219c-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a80ca23813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

GET
H3 200 %5Bcategory%5D-27c28fc7e1309c7b.js Show response
www.buletintv3.my/_next/static/chunks/pages/ 5 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D-27c28fc7e1309c7b.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3d14277bd19f93777d1ffcfa31ff1aa66e82b8de47d60df3a6f66d9837de8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21782
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"14a9-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a80ca53813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

GET
H3 200 509-b62a0a2fee95a2a1.js Show response
www.buletintv3.my/_next/static/chunks/ 33 KB
12 KB 57ms
57ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/509-b62a0a2fee95a2a1.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e865847103154e58eb5743d40b2809b652b1a0d9b7df21786ced75bf66de86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 17404
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"839b-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a81ca73813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

GET
H3 200 87-9a4d8193ef271a76.js Show response
www.buletintv3.my/_next/static/chunks/ 18 KB
6 KB 59ms
59ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/87-9a4d8193ef271a76.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f99e235f9b3f7db7e05e2c5cfce5da55491d0e70fa177765ecb74433ce0eff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49291
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"4636-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a81ca93813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

GET
H3 200 %5B...params%5D-12de001ee4988d2e.js Show response
www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D/ 1 KB
840 B 60ms
60ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/%5Bcategory%5D/%5B...params%5D-12de001ee4988d2e.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d0ae7cb0b5e8d6e4eeac1afb7ac20071ba1f407915a6092948237d9383e2c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 22134
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"43f-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a81caa3813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

GET
H3 200 berita-terkini-5bc2a110c5b6db2f.js Show response
www.buletintv3.my/_next/static/chunks/pages/ 5 KB
2 KB 65ms
65ms Script
application/javascript 2606:4700:4400::6812:2a37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buletintv3.my/_next/static/chunks/pages/berita-terkini-5bc2a110c5b6db2f.js

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2a37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed158c235e753d1988245e8999460fa86bca599dd421409bfdb484cf3f52161b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21782
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 03:38:14 GMT
server: cloudflare
etag: W/"14d2-18bcbe88070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 829628a81cab3813-FRA
expires: Wed, 20 Nov 2024 04:23:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 50ms
49ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-110467741-34&cid=1702349986.1700540622&jid=1455781481&gjid=1256900505&_gid=1585871901.1700540622&_u=YADAAUAAAAAAACAAI~&z=1640900091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
297 B 105ms
81ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 37c27632-3b69-45fb-bbcb-ddfd9a34476c
cf-ray: 829628a87c1a35f1-FRA
content-length: 16

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
353 B 84ms
79ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 58dca45e-daaf-4779-bac2-5e03d445dfb2
cf-ray: 829628a87c1b35f1-FRA
content-length: 16

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 133ms
41ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.buletintv3.my
date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 50ms
49ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-110467741-34&cid=1702349986.1700540622&jid=1455781481&_u=YADAAUAAAAAAACAAI~&z=638575642

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-110467741-34&cid=1702349986.1700540622&jid=1455781481&_u=YADAAUAAAAAAACAAI~&z=638575642

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/buletintv3.my/ 722 B
1010 B 872ms
293ms Script
text/javascript 3.39.97.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/buletintv3.my/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.39.97.207 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-39-97-207.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5d5a04e848e47f0a45c5a778d3905f737e9de90909d484e80fc42626f4b547fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
etag: W/"2d2-fRXo+ZSkYdgMkxfF7c9BMleKcLg"
content-type: text/javascript; charset=utf-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 11D3 15 KB
6 KB 50ms
48ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.buletintv3.my

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 378231
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp&cc=1

85 B
202 B

151ms
150ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp&cc=1
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0d557214a32f4a774cb002f840a8c965bba7f6d150ac19c56280b504246444f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-5o3fusqA4EdAfZiyxCd27YINcJ4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.buletintv3.my
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 21 Nov 2023 04:23:42 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.buletintv3.my
location: /esp?url=https%3A%2F%2Fwww.buletintv3.my%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 157 B
480 B 326ms
174ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=buletintv3.my&domain=buletintv3.my&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 798f2fd8b4a9c824873c54cefbc9f20a021f3c1e005209e447e1083fd7c2f426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 126
x-served-by: cache-sof1510024-SOF
x-timer: S1700540622.407672,VS0,VE116
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 19 Nov 2023 04:23:42 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 45ms
45ms Script
application/x-javascript 2600:9000:2646:c000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/_next/static/chunks/main-f45d6ab6812926a5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:c000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:48:42 GMT
content-encoding: gzip
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 27300
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jNivTJGZ_jcYR0t0RS52pPf3WmU0Xb3O7AqmHeH--EjE0hkfpZhMOQ==
expires: Tue, 21 Nov 2023 20:48:42 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 11D3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=buletintv3.my&sn=ChromeSyncframe&so=0&topUrl=www.buletintv3.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=E5W-lXxUeEZrTy9QYTJKWnJndnZLMGNLWk0vYjl1N0xUMkxIS2FHb0hUR1FHOFB3bDlIOEZQcXBtT1hIR0NralJVR1ZjSWNnVCtGVS9ISnQ2MnNrMXFtN0E3d3dINkt4Q2x6OEpOQXV1bzRyQ0UzaHAxcFI3V0tlbElCM0...

428 B
652 B

50ms
49ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=E5W-lXxUeEZrTy9QYTJKWnJndnZLMGNLWk0vYjl1N0xUMkxIS2FHb0hUR1FHOFB3bDlIOEZQcXBtT1hIR0NralJVR1ZjSWNnVCtGVS9ISnQ2MnNrMXFtN0E3d3dINkt4Q2x6OEpOQXV1bzRyQ0UzaHAxcFI3V0tlbElCM0txYmsweEowKy8rV1hqYnVwbXdUT0p1U2YzeW5tZVF3TStUdUZvZmlKZ1grNG1OVHloT1p3Q3E4eFdKUVgvMUVJMmtSUFBHUm82QWxIdmFITWZNaGtmdFVXaU5YU1FvM2hoQjRkUlJwankwU250bmNwY3EybURMT1owa2I4bVVNbWJnak1pNnZoaks5bG5Ec1NtTFkvYU50ZklMRE9VQT09fA&cppv=2

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

48a8e0edf39bbce7b1a143f16388079bbfa004a7b9ae5df50da50785e897c455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2471495
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=E5W-lXxUeEZrTy9QYTJKWnJndnZLMGNLWk0vYjl1N0xUMkxIS2FHb0hUR1FHOFB3bDlIOEZQcXBtT1hIR0NralJVR1ZjSWNnVCtGVS9ISnQ2MnNrMXFtN0E3d3dINkt4Q2x6OEpOQXV1bzRyQ0UzaHAxcFI3V0tlbElCM0txYmsweEowKy8rV1hqYnVwbXdUT0p1U2YzeW5tZVF3TStUdUZvZmlKZ1grNG1OVHloT1p3Q3E4eFdKUVgvMUVJMmtSUFBHUm82QWxIdmFITWZNaGtmdFVXaU5YU1FvM2hoQjRkUlJwankwU250bmNwY3EybURMT1owa2I4bVVNbWJnak1pNnZoaks5bG5Ec1NtTFkvYU50ZklMRE9VQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 299011
content-length: 0
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 451ms
143ms Image
image/gif 3.224.128.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=buletintv3.my&p=https%3A%2F%2Fwww.buletintv3.my%2F&u=DJxD9nCbIt6dClahbn&d=buletintv3.my&g=65124&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4354&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.buletintv3.my%2F&b=3660&_s=%7B%22ga%22%3A%221702349986.1700540622%22%7D&t=CYkX9gC_hBApDx2U68eoUqr_feJG&V=141&i=Utama%20%7C%20BULETIN%20TV3%20Malaysia&tz=-60&sn=1&sv=BeLxL4BAzwUUDG2juDkmwvvBUBIzh&sd=1&im=06670fff&_
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.128.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-128-47.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H3 200 hb Show response
hb.revid.my/ 64 B
461 B 429ms
384ms XHR
application/json 2606:4700:4400::ac40:9430
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.revid.my/hb

Requested by

Host: heartbeat.mediaprimaplus.com.my
URL: https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9430 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37cd23b73a6f7b3d52949052fd8bbeeace01d07dd30a3b6bccff3e8e6aaa106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.buletintv3.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
via: 1.1 google, 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.buletintv3.my
x-cloud-trace-context: 3d9c9baed621458a69b5048ca99d02a4
access-control-allow-credentials: true
cf-ray: 829628ad7f0e9b70-FRA

OPTIONS
H2 204 hb
hb.revid.my/ Frame 0
0 489ms
378ms Preflight
text/html 2606:4700:4400::ac40:9430
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.revid.my/hb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9430 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.buletintv3.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.buletintv3.my
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829628aad80e65db-FRA
content-type: text/html
date: Tue, 21 Nov 2023 04:23:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Access-Control-Request-Headers
via: 1.1 google, 1.1 google
x-cloud-trace-context: 8e2cdd96b7d0b3605b583fc47acae5e8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 5ABC 196 KB
55 KB 186ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 351945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5ABC 15 KB
5 KB 283ms
180ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 08:33:14 GMT
age: 244228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5ABC 95 KB
29 KB 144ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 347430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5ABC 5 KB
2 KB 287ms
184ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 356950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5ABC 40 KB
13 KB 288ms
185ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 394150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5ABC 14 KB
2 KB 142ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:53:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 04:23:42 GMT

GET
H2 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5ABC 3 KB
3 KB 135ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:58:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26735
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 21 Nov 2023 20:58:07 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5ABC 344 B
714 B 132ms
40ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 77121
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 21 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5ABC 0
0 54ms
53ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHRENhmp2vzFQrt29G00x5JPAtoCkNfXcEj4k74SQjqVbLAyxcKpeZQD1uG6b1dpChgkMK
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 0653 196 KB
55 KB 199ms
133ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 351945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0653 15 KB
5 KB 181ms
179ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 08:33:14 GMT
age: 244228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0653 95 KB
28 KB 183ms
180ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 347430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0653 5 KB
2 KB 189ms
187ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 356950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0653 40 KB
13 KB 190ms
188ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 394150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0653 4 KB
728 B 105ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:48:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 04:23:42 GMT

GET
H2 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0653 3 KB
3 KB 100ms
43ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:58:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26735
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 21 Nov 2023 20:58:07 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0653 344 B
402 B 97ms
41ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 77121
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 21 Nov 2023 06:58:21 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 145B 196 KB
55 KB 199ms
149ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 351945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 145B 15 KB
5 KB 191ms
190ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 08:33:14 GMT
age: 244228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 145B 95 KB
28 KB 193ms
191ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 347430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 145B 5 KB
2 KB 195ms
194ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 356950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 145B 40 KB
13 KB 197ms
195ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 394150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 145B 14 KB
1 KB 90ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 03:51:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 04:23:42 GMT

GET
H2 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 145B 3 KB
3 KB 75ms
74ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:58:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26735
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 21 Nov 2023 20:58:07 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 145B 344 B
402 B 74ms
73ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 77121
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 21 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0653 0
0 48ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNm2kh1dPuGpUCroMOjnFfcLsAYbnZCbhpswSnXnFfGjfW6_ZEj5A7FSblMC8rB2Xruf9A
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 145B 0
0 49ms
48ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTTdvHXKHe-JomFBTrJNKreKnS0CjDzoI6ugwW-a9NXWKRCoU8wcKuuGHMosyWXaSS1dsM
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 container.html Show response
cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE78 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:42 GMT
expires: Wed, 20 Nov 2024 04:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FA3 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:42 GMT
expires: Wed, 20 Nov 2024 04:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/169004531737463412/ Frame 5ABC 22 KB
23 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/169004531737463412/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7824fc07eb9717c3857a045e4fd7609e413ce1d2af19459c5124bbbe5b0c2197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:01:34 GMT
x-content-type-options: nosniff
age: 278528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22845
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:57:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 23:01:34 GMT

GET
DATA 200
OK truncated
/ Frame 5ABC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5ABC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5ABC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb7075cd69d86aa958e63f345d14d87b1ca8ad079b05b10d1ec6a4ba28488ca5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5535672489825366006/ Frame 0653 15 KB
15 KB 78ms
76ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5535672489825366006/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c8d6008ed009d51193ddae953424a2924d87a1f6e0886477bf619e5c20fe95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 00:20:51 GMT
x-content-type-options: nosniff
age: 14571
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15237
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 21:55:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 00:20:51 GMT

GET
DATA 200
OK truncated
/ Frame 0653 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0653 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee6d0895565fa7d13147e4be88dd12725c8ec7e423927887c21658571bcc038b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1859734160619635599/ Frame 145B 4 KB
5 KB 86ms
86ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1859734160619635599/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef951c890b67caf49564e47e1768760bfeb2b1935e181e85570caa47de84fbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 10:07:59 GMT
x-content-type-options: nosniff
age: 65743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4567
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 08:29:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 10:07:59 GMT

GET
DATA 200
OK truncated
/ Frame 145B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 145B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 145B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7780665858c82f032f9bebf815bbd94a80a2b3d4e52ed24c9e72c5ff86b93167

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame EE78 9 KB
4 KB 148ms
41ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 14:04:29 GMT

GET
H2 200 7c8fef2b841c224dc9dd256dc808a409.js Show response
www.gstatic.com/mysidia/ Frame EE78 42 KB
16 KB 149ms
42ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 20:32:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EE78 2 KB
822 B 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:49 GMT

GET
H2 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame EE78 23 KB
10 KB 182ms
79ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 23:09:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame EE78 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EE78 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 18:49:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EE78 20 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EE78 0
0 48ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXrm-eQ6HOoHS1rG5F2xIfnbEZlzqSKEkPGnwtNGfyIMC9Hi07chnGEASGt4Pth2wmpqzr
Requested by: Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE78 202 KB
64 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 04:23:42 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame EE78 37 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5ABC 33 KB
33 KB 183ms
84ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 587664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 09:09:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0653 16 KB
16 KB 146ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 275131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 23:58:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0653 15 KB
16 KB 133ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 284280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 145B 33 KB
33 KB 200ms
116ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 587664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 09:09:18 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8879 147 KB
49 KB 188ms
91ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVwwzgABY-oK4D4DAASJLgCJkcaApGJwASTxIg&u=%7CxC9iMAel%2BxZmfdqCynBec5cSsNlgT2qW1SnXJqhFRvw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL2vi8T2DSJBGdc4rrvC7Sd6YHftX9Fd6t5gfA2vUp88N3d80NqE1iEHsFUtOAu7GMwrxxj26ec753TE9kACXFCk4nkKylGhtLRth8BBP1MGWdNnZSWC7NQW3wx8uMDBNjCkQ96nx6oD1S6fgPZo8dofKkdo7xucTl_9VLiCJziriXSXQcRYM-FNuboh28qaLJSikF_T5P7iqd1iTJ8t3Zc1ce5SgW75PjAUojEBcLrJB2y5XHS8AzsdTW-FkJhGAKzIoNKh2JXNv8yW2vEXCSJiw360iOn6QGHXY03qRfnyh-occIWLDTeigWaCdtH4Pd5gxz5fIibLk4LHB71D6ZbSSyiASrSMtg_GNQgdqIzoUjH7fgFaZElrtBzkP49CeoYmkSddEqCmUj4yUSUCAYJPdc_Uc8ifzz5dr2Utzx09mojtJKxo-FjOjpfZo7y8MGspajH-e4aVbbEICeAIP2S71Vv6dik1cb621IiBpHJCjLotWLjlihEhiqDzNDHBJt6A8VJzDiJ3A2Gd0DEddTFXeWctcoGci7zaqnvt9erPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Og1zjBcZerHBYP8gAeukpLQDMme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI5MTY4ODQyMDY4MDczNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBKgCT9CiGlpBoodnP7XvmPJxdgxW2IlijbhvwsqlKnuRHaxlW1ieRRBjTyiv3eqaMi_pjpBiTtpNXThNkYLSJAcTp_a1gUxhEHMPtASAz7-4UPo_1JaJBejiNHETOw_cyPSvRmuHhVX8RlQcLEHqLpqqZsq3_TN4Um-MjHoGBJ_EFNQxZNq2ALT7QFXISaLN_u-sZz2_y2gj5d86q5jLljbHtKYOrkWCcxrMOPW_k040-cDJa3FmhbteZbUdTixksBEeRcczEc4dCyzBBoHynh_zgNpw-8R0p53hrV8T4HcPWP8thIMKjOp4wwEKpm3DUR6FiqigqBRuWPqGaUvTUw1i4mLlB_mjywLmXDNvgpls_tSpxKW-giik3_rjCrcPk327R23H9-Lad0jgBAGABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAeINEwiL3tC9n9SCAxUDPuAKHS6JBMrQFQGAFwE%26num%3D1%26sig%3DAOD64_0cy26d1C7HrpasPRI7zR0upc-abA%26client%3Dca-pub-3291688420680736%26adurl%3D

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

104c7d9601783a63913dc038d26bee92fd22f6dfe935e9a6a3c8867ed3b0ead9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Wbl0fQHCtnRpGgFZwB3qKnbcHbC43jkfBxtpaigQFBAeQ8djopa9gjM3gSbbmLXro9piM0ubJ3nVL9t63YBWEWCEd64qYVo-OMy70mvE0WvElqnRBop4COMMZYXzcNsq0ipFGX9Wqf6CkVH_by0S6xQDqm9Ljs3R84Oi2FCy70PW7wLLJYBH6p1LC4cHH7EoPJYKSgcxOeh9BrUpCDCiGW6mgfk5P12pwKRpyGVSJTN_Qpyj3qa0NG6uVLK4uEt7z9C9Ww"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 46284024
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1FA3 3 KB
1 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 18:49:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1FA3 20 KB
8 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1FA3 0
0 61ms
58ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg3iOL5I0Y1TWgE0aGGLfnw3LyQ7oCYlAS8u4mp11wGJFLwrUe8DOF5nZgyxgMDE7POU1d
Requested by: Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1FA3 24 KB
7 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FA3 202 KB
64 KB 201ms
122ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 04:23:42 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 67B5 0
176 B 170ms
54ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 21 Nov 2023 04:23:42 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5ABC 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:58:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26735
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 21 Nov 2023 20:58:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5ABC 344 B
368 B 40ms
40ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.buletintv3.my
URL: https://www.buletintv3.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 77121
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 21 Nov 2023 06:58:21 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8879 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVwwzgABY-oK4D4DAASJLgCJkcaApGJwASTxIg&u=%7CxC9iMAel%2BxZmfdqCynBec5cSsNlgT2qW1SnXJqhFRvw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL2vi8T2DSJBGdc4rrvC7Sd6YHftX9Fd6t5gfA2vUp88N3d80NqE1iEHsFUtOAu7GMwrxxj26ec753TE9kACXFCk4nkKylGhtLRth8BBP1MGWdNnZSWC7NQW3wx8uMDBNjCkQ96nx6oD1S6fgPZo8dofKkdo7xucTl_9VLiCJziriXSXQcRYM-FNuboh28qaLJSikF_T5P7iqd1iTJ8t3Zc1ce5SgW75PjAUojEBcLrJB2y5XHS8AzsdTW-FkJhGAKzIoNKh2JXNv8yW2vEXCSJiw360iOn6QGHXY03qRfnyh-occIWLDTeigWaCdtH4Pd5gxz5fIibLk4LHB71D6ZbSSyiASrSMtg_GNQgdqIzoUjH7fgFaZElrtBzkP49CeoYmkSddEqCmUj4yUSUCAYJPdc_Uc8ifzz5dr2Utzx09mojtJKxo-FjOjpfZo7y8MGspajH-e4aVbbEICeAIP2S71Vv6dik1cb621IiBpHJCjLotWLjlihEhiqDzNDHBJt6A8VJzDiJ3A2Gd0DEddTFXeWctcoGci7zaqnvt9erPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Og1zjBcZerHBYP8gAeukpLQDMme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI5MTY4ODQyMDY4MDczNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBKgCT9CiGlpBoodnP7XvmPJxdgxW2IlijbhvwsqlKnuRHaxlW1ieRRBjTyiv3eqaMi_pjpBiTtpNXThNkYLSJAcTp_a1gUxhEHMPtASAz7-4UPo_1JaJBejiNHETOw_cyPSvRmuHhVX8RlQcLEHqLpqqZsq3_TN4Um-MjHoGBJ_EFNQxZNq2ALT7QFXISaLN_u-sZz2_y2gj5d86q5jLljbHtKYOrkWCcxrMOPW_k040-cDJa3FmhbteZbUdTixksBEeRcczEc4dCyzBBoHynh_zgNpw-8R0p53hrV8T4HcPWP8thIMKjOp4wwEKpm3DUR6FiqigqBRuWPqGaUvTUw1i4mLlB_mjywLmXDNvgpls_tSpxKW-giik3_rjCrcPk327R23H9-Lad0jgBAGABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAeINEwiL3tC9n9SCAxUDPuAKHS6JBMrQFQGAFwE%26num%3D1%26sig%3DAOD64_0cy26d1C7HrpasPRI7zR0upc-abA%26client%3Dca-pub-3291688420680736%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8879 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8879 308 B
636 B 42ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8879 293 B
621 B 43ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8879 43 B
348 B 140ms
49ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9lC0Bf6MC3QDpRennXznfnbeiosZt2fiNTNMC1ymgigvL9m60XadoAPBv-eYTRTBmox0qJsxNyrmlP77FCNy89K_bnxm-JPQKpUlDV8GfB_-HqJr3QKrGgtVB3ssDQlLsxJ3x67pVuYKILjNoCuEre9Dfr1ENeCJmhtonAERNNBKTJ54UYisKQTcq4EcOEa6Z1uDrAElhiKRueVmZbiQfGK8oxeV-Vx4MYTh10Nn2kJ-SquEn5DPCtyL0wqMQzMXi2Sffjftp9gNjgZ5RIFM7IQBnfIDp5G7pOcskYe7A2CRk_hh3jfI0qYhsnZWx1pqrcTCbwjeUvFvZf7uRSR99cp5f51fHsVAM3aWox1x5jbl1Js93PylbMsHM3pF3X7bA6qby0m7-TRhG-v-1dgkHuyTS2ZZhclUsqciqqoLLXj_Viw5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2854162
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5ABC 0
0 83ms
83ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdcDMzjBcZeXHBYP8gAeukpLQDLGluPpzqbKJ3qoRt8uivcABEAEgh5avIGCV-vCBjAegAYP2p88DyAEJqQITD9A53FuyPuACAKgDAcgDCqoEqwJP0G9i28ZRdKk_D1QlRI9-Qp9Fkt_TTflGXgb3anVeKfo07zK7VmGZsjW0ZmguLW_LQTvvefVNKmvTOATrjoj0jtquOAzwOn2shDfm4u9SH0Co31uTmJ_kE8jcJw8OAEIzsG6Oq93AM1aR15e0SumF3PlYbK-hMg-NsvIIyhMliajgTYFwL3hoFsKeU_LxGYKexRH8gBrQvJUUiMfcO1iTpEf76Pm-u7KSncpMhdu4H8UnhviOYf4ska5-e_qAVYKj2l7Yiyd6ff-ZVGWIhOp2zH4jFvQ3K_RfxrLYjPb23o87GkNxdFLY8IheizGmi7WeW2F48lkrqRExX1dBmQ56mCuI6lqmonsBHrjzAs7FTYEjd-9sZcsRh8VrVgPDg0lfELDAHqqGGh0OVsAEgvO-0qoE4AQBiAXKr6ibSpIFBAgEGAGSBQQIBRgEoAYugAflidgwqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQj-Ef0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJQWh0dHBzOi8vaGFnZXIuY29tL2RlL2xvZXN1bmdlbi9iZXJrZXItc2NoYWx0ZXJwcm9ncmFtbWUvYmVya2VyLXcxgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIbe0L2f1IIDFQM-4AodLokEytgTDYgUCNAVAZgWAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBg&sigh=HyXelp2x9wc&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&template_id=5000&cbvp=2
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 1 KB
478 B 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80ce17dd006b69c7e3076fd0cc1d2309406bd5c1a9c62674897fbd6feb21aee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 220748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 448
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:04:35 GMT
expires: Sun, 17 Nov 2024 15:04:35 GMT
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1FA3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59765f5dd9c5fcd35083de00d5a48923302c9a878bef8aceacd78c56bed2bc74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8879 12 KB
5 KB 130ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 597487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX7%2FpiElbgmFkSqtLxck8g2zU%2FOXI44FqpRl369Nwc8szM4QgbZd0aFt2iAs59FY%2BkHSGT%2F4fCjU7FuzD8YBCJ5FdzCqIMmOJEvbIoB7ttRyPTP4AHmPM%2BlTNgz8D0KoObGU4CEsnaovxQvxNufPX0EJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829628aeeb65997a-FRA
expires: Sun, 10 Nov 2024 04:23:43 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8879 12 KB
6 KB 52ms
52ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
DATA 200
OK truncated
/ Frame EE78 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1116a8297432a0f1bd25b783e3bd1712d70a3c294a40bfe93dcdb8a5416dcea6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A6E2 6 KB
3 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:50:19 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A6E2 34 KB
13 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Nov 2023 04:17:15 GMT

GET
H3 200 style.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 881 B
386 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae590f8e00a0c1057aff6057537047091bf5b9db986484c5970c9ebd51682547

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 08:36:16 GMT
age: 503247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 08:36:16 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A6E2 60 KB
24 KB 174ms
48ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 04:23:43 GMT

GET
H3 200 script.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
749 B 48ms
48ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/script.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ced681ae77b0f95e9f01ab28c5ae4c97318df43f3d0079eb3b8767ba10bc0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 06:59:06 GMT
age: 249877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 719
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Nov 2024 06:59:06 GMT

GET
H2 200 a99bc34637594b4296481dc9de5967fc_cpn_728x90_1.jpeg
static.criteo.net/design/dt/19906/4834091/ Frame 8879 53 KB
53 KB 57ms
54ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/4834091/a99bc34637594b4296481dc9de5967fc_cpn_728x90_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3017945f484c9700b3e1fa37fc6064b0bdb62f5318b1a25c93341dce7de8d11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 14 Nov 2023 12:31:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "655368aa-d30a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 54026
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8879 11 KB
11 KB 186ms
98ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=256&rid=4&s=MtvzsfEigKKy_3FBp1CFhNoj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

006a6aee308630c58e50cc65aa6af1fdeea60efea060073769053fadfbb87999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10940
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8879 6 KB
6 KB 136ms
48ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23407297_8-201905142034.jpg&v=3&w=400&rid=4&s=uJzs3hNtiyPEjzpZEB5q7TLM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

242cf9e606c03058ffc7f1ca6bbc3fe3f3c02b250721f81e62b5fc1197e3295b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6084
expires: Sat, 02 Nov 2024 13:40:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8879 4 KB
5 KB 174ms
86ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Thu, 07 Nov 2024 09:55:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8879 3 KB
3 KB 130ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F28408433_1-202301052301.jpg&v=3&w=400&rid=4&s=apIWfBHOh7O1RurQQewbYn03&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e80ce02e2c801308ad58e29209ba4a1e17e04093e37f0f169533fa54ea38c10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3210
expires: Sun, 03 Nov 2024 10:35:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8879 4 KB
4 KB 169ms
82ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25402845_4-202006091054.jpg&v=3&w=400&rid=4&s=jDSdYFtt5cbCe2aQrdZzsoq2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f8df6f3619442499c34784324159b55d118fbe0f3070c63a8554d766a4f7a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4212
expires: Sat, 02 Nov 2024 03:05:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8879 0
128 B 141ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Wbl0fQHCtnRpGgFZwB3qKnbcHbC43jkfBxtpaigQFBAeQ8djopa9gjM3gSbbmLXro9piM0ubJ3nVL9t63YBWEWCEd64qYVo-OMy70mvE0WvElqnRBop4COMMZYXzcNsq0ipFGX9Wqf6CkVH_by0S6xQDqm9Ljs3R84Oi2FCy70PW7wLLJYBH6p1LC4cHH7EoPJYKSgcxOeh9BrUpCDCiGW6mgfk5P12pwKRpyGVSJTN_Qpyj3qa0NG6uVLK4uEt7z9C9Ww&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8879 2 KB
1 KB 89ms
88ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8879 2 KB
1 KB 89ms
89ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0653 0
0 81ms
80ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C65mwzjBcZebHBYP8gAeukpLQDLvemfRw2L-1xNMN3dkeEAEgh5avIGCV-vCBjAegAcGqldIDyAEJqQITD9A53FuyPuACAKgDAcgDCqoEswJP0B5QtDQv96dLWheC_UG1pxk-vLw3OJJQWoK5sofQ7akNxaV0GPnWCdVlXMtSovlEOL8DEJ5RL0XdRTZXB-7Do-DAtV8eMLt3arPDRiwqeUx7xTV2woru3HlyyxgXBkTdmRcz4bDxY2hNituEhpbd8MLB2ouyVmvy-og1-kMVmX-jSS92u5AS_b0VVXHAwnlR9W2aLCMVNUfOBWBlv_9cXEvYBzTeSkNBisgTZgu5VkxjXiN6Vu51wwmYMZXe1utKSkubHzYsqd-ADptTAaU5baLuAMZpejKu4TKBKWqquQ5JAzTAYtCfSGjl92hU2PpZlqoo5t4RmU_40szla_4cCOjORfK_9iKYO98fZ-tGFTBuwcH3SxwG3ChKqrRRBovBawYV8B-RlfoAoTz-ElDiWLVSwATs4e7KywPgBAGIBYmYqoEyoAYugAen1eotqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjcMY0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJFGh0dHBzOi8vYy1lbnRyb24uZGUvgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIfe0L2f1IIDFQM-4AodLokEytgTA4gUBdAVAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBg&sigh=Qw2PUTWXFo4&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&template_id=5000&cbvp=2
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 145B 0
0 83ms
83ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CR6ZqzjBcZefHBYP8gAeukpLQDPX4mql02Z_lto8SZBABIIeWryBglfrwgYwHoAHE9sfPA8gBCakCEw_QOdxbsj7gAgCoAwHIAwqqBLICT9AKf6v5PzsuszAW6FJA3KuM3vrE4vgmTeIx7xPiY18VDT9aj84Zpcl5vZJSVGbUaTz1Qj8uud0h90shfHfNuCufgUyIacGzX6W3ZZYbD01bPzCtTpHGh2HiTe4hw76awRv1X2z3WU71hGC089EzvyNMC-Cgay6BGTT_dgRNSJ137Sx1MO5AY_rvaSdQEn1JiXgy4oD7H7Q0FW8NLMEF4gQ-Pt41umJXQBjMWKdU8On_Zch4VVH60LYBtqL7IxIPCAYZUS2zxmiw3sAAFihVgmUB6W7cR2nyfFQQaeIOKKX0-pEf7dB9EWSN9goSXfnnT0_IQ2idKPNA9wmTxbfpQa5NG10BpGaH5F0bes9TrL-V_ORH3O86sBO4LdhJCYwcvHc7ljVllpCVSsbaozTpYtZuwAStmdy3kgTgBAGIBcOij7pFkgUECAQYAZIFBAgFGASgBi6AB8uYxSCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDErQfSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgkeaHR0cHM6Ly93d3cuZGVwb3Qtb25saW5lLmRlL2RlgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIje0L2f1IIDFQM-4AodLokEytgTDYgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBg&sigh=Ny238KoVfAA&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&template_id=5000&cbvp=2
Requested by: Host: www.buletintv3.my
URL: https://www.buletintv3.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 8879 2 KB
899 B 43ms
43ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 8879 2 KB
900 B 42ms
42ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 8879 16 KB
17 KB 170ms
86ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Nov 2024 04:23:43 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854cf5e7b72476cbefa2a8d254dcaf647e80374d83a172907641be2b861edb57

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 15 Nov 2023 23:01:28 GMT
x-content-type-options: nosniff
age: 451335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1974
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 23:01:28 GMT

GET
H3 200 headline-1-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
2 KB 42ms
39ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/headline-1-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497ef239bb26fb4cd84b43b94b4115bed00f593cbe27c57424b4796f993e5eae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 15 Nov 2023 08:36:17 GMT
x-content-type-options: nosniff
age: 503246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1641
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 08:36:17 GMT

GET
H3 200 headline-1-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
2 KB 44ms
41ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/headline-1-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea6d31c5a725c6e2f70a1abecc6378b6c056cbd0ac564a4b728934d460dbc8d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 17 Nov 2023 08:11:53 GMT
x-content-type-options: nosniff
age: 331910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1633
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:11:53 GMT

GET
H3 200 headline-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
2 KB 66ms
62ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/headline-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730f32b33beefed1716a7e28ba9e299288de56745c33bc21c6a9de1c998c00ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 17 Nov 2023 14:56:27 GMT
x-content-type-options: nosniff
age: 307636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1559
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 14:56:27 GMT

GET
H3 200 headline-3-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 932 B
963 B 62ms
59ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/headline-3-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17437d6a0c1e9e33528cda823f8b8927e5445a47c49b91374b995c53baf13dc3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 17 Nov 2023 20:50:22 GMT
x-content-type-options: nosniff
age: 286401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 932
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 20:50:22 GMT

GET
H3 200 headline-3-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 2 KB
2 KB 62ms
59ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/headline-3-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

146170343b224c62da3f92b1f91fd6b84590aba0746ae311bc5cb10af7420a0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 17 Nov 2023 17:50:40 GMT
x-content-type-options: nosniff
age: 297183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2135
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 17:50:40 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 1 KB
1 KB 60ms
58ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b909db3503e1350eaf977d9dbedeea099ce0d0980da11bf5249ea2b8431db9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 15 Nov 2023 08:36:17 GMT
x-content-type-options: nosniff
age: 503246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1186
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 08:36:17 GMT

GET
H3 200 visual.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/ Frame A6E2 40 KB
40 KB 44ms
42ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/visual.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d65c4161dfe59ef7f4a176fa12c561c89040ab544b5e6308691552f1228e26

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6917700742561041924/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 16 Nov 2023 23:01:01 GMT
x-content-type-options: nosniff
age: 364962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41387
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 23:01:01 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EE78
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZlVZzjBcZejHBYP8gAeukpLQDOTWtqB0s860tYYStuzs7K4JEAEgh5avIGCV-vCBjAegAaWwmbwCyAEJqQITD9A53FuyPuACAKgDAcgDSKoEtgJP0Km8yXT29fkX3yGWW5qrHuoqc0UA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214375378718387396179%22,%22debug_reporting%22:true,%22destination%22:%22https://brax.com%22,%22event_report_window%22:%222...

0
0

98ms
73ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214375378718387396179%22,%22debug_reporting%22:true,%22destination%22:%22https://brax.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663115813%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214772413192631862529%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14375378718387396179","debug_reporting":true,"destination":"https://brax.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663115813"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"14772413192631862529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Nov 2023 04:23:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 04:23:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14375378718387396179","debug_reporting":true,"destination":"https://brax.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663115813"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"14772413192631862529"}&andc=true
access-control-allow-origin: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 156ms
74ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZlVZzjBcZejHBYP8gAeukpLQDOTWtqB0s860tYYStuzs7K4JEAEgh5avIGCV-vCBjAegAaWwmbwCyAEJqQITD9A53FuyPuACAKgDAcgDSKoEtgJP0Km8yXT29fkX3yGWW5qrHuoqc0UAcCCWWdigonfkK3uX_4X-8b-UryduoK9m0xuyGAcLFhaYYpwDbIDKRla7nj4NBiGiBpkkkyv_ev6sAHWen6HLA8QJwpNgEHOZrtxlKwdOgDg6fd4PzvYKhnGv_3LaGlBG4frpvZO1pB5bkyHcIMP2-tRNMHTNW9E3rrt2I5zrsnBuiiRL65U52ias3pkrXxKEB5qvippvGSuZik4saPgd-F_rY0CKGWn0nrJeZSN-3kCSFFVFd2rhwI8rXzK4YkHwh-oz2aCCiGzsBku686JmixeV2-aVmr9hh4MJtJocMxTa8hviAc0oqE-RCmhbspesBVttfvOQco34WngL-P_y5XvwZISTmdnhcE01DbXScHSgwIyMyKbi5j7UJoSIifs7wAT6yoadrwTgBAGIBYKq7o1NoAYugAfDz-bDAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEObBBNIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCY0BaHR0cHM6Ly93d3cuYnJheC5jb20vZGVfREUvc2hvcC9sYW5kaW5ncGFnZS9zY2h3ZWluc3RlaWdlcj91dG1fc291cmNlPUdETiZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NvbnRlbnQ9QWRCdW5kbGUmdXRtX2NhbXBhaWduPWRlYnJhbmRpbmdodzIzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIne0L2f1IIDFQM-4AodLokEytgTA9AVAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBg&sigh=Fl0jyiaY30Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 04:23:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1FA3 0
0 81ms
80ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CciexzjBcZerHBYP8gAeukpLQDMme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI5MTY4ODQyMDY4MDczNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBKUCT9CiGlpBoodnP7XvmPJxdgxW2IlijbhvwsqlKnuRHaxlW1ieRRBjTyiv3eqaMi_pjpBiTtpNXThNkYLSJAcTp_a1gUxhEHMPtASAz7-4UPo_1JaJBejiNHETOw_cyPSvRmuHhVX8RlQcLEHqLpqqZsq3_TN4Um-MjHoGBJ_EFNQxZNq2ALT7QFXISaLN_u-sZz2_y2gj5d86q5jLljbHtKYOrkWCcxrMOPW_k040-cDJa3FmhbteZbUdTixksBEeRcczEc4dCyzBBoHynh_zgNpw-8R0p53hrV8T4HcPWP8thIMKjOp4wwEKpm3DUR6FiqigqBRuWPqGaUvTUw1ioGDElXkwGz9AjBS1DrmFWtqOzhO0rDAmazLerEWwjVGj36dT1wvgBAGABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgP6CwIIAYAMAeINEwiL3tC9n9SCAxUDPuAKHS6JBMrQFQGAFwGyFxwKGhIUcHViLTMyOTE2ODg0MjA2ODA3MzYYn4YG&sigh=c10zRX3Mtlo&uach_m=[UACH]&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&cbvp=2&vis=1
Requested by: Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1FA3 0
126 B 158ms
51ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k-z_GMg12AVanYNiAgIAAAD1pA8sBUFIgRKwgsAJOY7bEM0wXGXGLdNDS9oVBAq3AAASAAAKCkFRVUREd0VCRHc&wp=ZVwwzgABY-oK4D4DAASJLgCJkcaApGJwASTxIg&cbvp=2

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 171169
server: Kestrel
content-length: 0

GET
H2 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 62AC 38 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:26 GMT

GET
H2 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame A6E2 38 KB
15 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 366ms
277ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b76577870f4b6238f98641696649d8f0522ad814af874ac5b29dfe37ada86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12502
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 400ms
77ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 04:23:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5ABC 42 B
64 B 117ms
116ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmAlqP_oJlBvugHrEoP0bEvCvs_r4_KXA_qF6xkr44Hs1W-uJNHHN6sgSbA7gqTVddMugHzlkhh9BIHXpq0I-jXQJvWEjJRi_YGrKDvlDPpse0rJJ-5qKrQvq_-JahbJr-hzfvBR6KjHMb&sai=AMfl-YRyK9n0w2-TqeqZLN-gaIdiY1MYx52jqrZHQx12HNYHiPIs58HPUtnljvhJk8GeEM104hzGxKhw1T5Vk-lVtN3rlt8I6SgiMKvTot48y5TqZrm0vehPjouaIjw&sig=Cg0ArKJSzKiQwAXsly0IEAE&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&id=ampim&o=315,174&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=440&tls=1440&g=99.99374747276306&h=99.99374747276306&tt=1440&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 04:23:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6F4 13 KB
5 KB 51ms
49ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 22:04:00 GMT
expires: Tue, 19 Nov 2024 22:04:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC34 829 B
560 B 61ms
60ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

566b727b58622e3e0cacbcad4038ff3c4f286b62156440d943d348cc669ca7ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WpHmuYfRJCV8qtvWM6vTeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buletintv3.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WpHmuYfRJCV8qtvWM6vTeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 04:23:44 GMT
expires: Tue, 21 Nov 2023 04:23:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B6F4 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 22:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 22:04:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC34 0
0 144ms
142ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=1683336398780197&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0653 42 B
64 B 181ms
178ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuxMYBXIG61FerA_seuo_pJC5nU1vz1zAU_zsBtH6SiHBD-m2w_xLe3mDEleqaD5vjw39idByf51pCqlzd6Qc5RAyTsZeScvu0g-3AWmKrt6I25L3GDokQMvsz7oe7bSEytuTulpuIUePdx5laVWb5XPCH-iYyuxs4z9ne6ZQ2SC_TeXwqnJfUF46BgUFu3ANRLYNqe0mbIlvYjT74sts1yANoxe7Bcpc2Y9H83vn81b9Y47epIUmcyAHGaKNdKtfT8rzr1PzCins16IiItRQ01OcioyExcZu9EwJ9m6iGPaE-b2DaFQCl7TfLaiDFZGtD64NDK7RP9EVdvAbiujnzfdduI-WuHF3Czb8kaBqVmRWONinOTpdk7a6dI-dh8z4xccxam8QMQfai0iDgTtFBuddO7EZvw1MW5lyI3_T3gkes-vv32cDbOkYqaMSxZaXHashL4PxAllaK538gkjCiPNt6etJQZJMGjndyx0jMF4ZCiYpcbDgomSFb6yLE7UAQrwGLaOSQHjfnXHTCtGqBz3ivZY2NDaLBksRTtnUitKbK2d9JDPcLhhSRKI1ntJPrZvHmXnY_A9wgY7TgNzpAk8vCThbfvNV6lmT_aQ8xklgNwbYqDIMEobfZN-9gBSNygTmfw2Cvi9moFF5A3ALXRDuJZ4800P8N4LiiOo8mKHbU9I5uqd6d-8QsPnniDwJ-9DjOJiCmTZRoRqyv6lW5n6m7ObO1paoK8CIhqcyaB__52hyrRQMgTe2y4pjCCGBPNksUuvsILvCrgY8puOBJNDlxqEdIj-MZ0W1pxEcmeyWKldYSVVp6XwyQplqyZn7vHGs5miovIZ9rWlgOarBNZAcqZY6COPqCSDUojx6btDPoEp0vwKdWFYURC81F0KknTqf7BU5rhE4DwBEcIiHlbwOcgK34tXwDCT-uPDgDmj6psI6f24J3RD81rIjdrbSh5HPw6p81HopiWjhaONmvz1LCmZGl5m0_-kOVzPPKRDd2Iv-SzXlsNjM9TL1bn9e7zbKJ4NwgT1HYgZpCx2ORpSlAvjFCJbHJ5seHBEK3hL784cH7yipRkvKboWvgUTuOl-cVsAjgUt372tLFm9hA0O0NXnkaUx_K6THhzmE7yeiAQM9we6hiMvXPjYiR4mSmGAjsc08BvHpeLpvXJlUcNOqot-FHAXApr_zCkyLA_rnMu90QO7LvO0grNUt8n3gISCiDnmlIYfz3OMGjLlTwx5wAlqFliaD0_eLCRZYOsfeA0_ifTqiwStRY5WW28FL8LCTaT6EUW8Pju6hwGTF3xekyZ133JfB53yls5e3JQU3lkQ&sai=AMfl-YSOvvJtgjKbUGgBY0ty8sH2HlgA0NA5lwcAEQR_zV0WGJTBzy7fdpy3dDfO5fYqBDUUJye49JzswusyFxY5Ta2I1OG_1T9dhq15icbzIWeB6r0c6GkLhdNOF3-aQn31KnjIloJAIKdz&sig=Cg0ArKJSzFeXnFuMoLL-EAE&cid=CAQSOwDICaaNss61Rg_RyqQwzOXv4A_qPEAnJL7-GJpRQvj9fbMxVMUEwrU-6uYSuRs08IBEXFciHGt35hqXGAE&id=ampim&o=1124,448&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=646&tls=1646&g=99.99374747276306&h=99.99374747276306&tt=1647&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B6F4 0
12 B 57ms
39ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G0wDuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
77ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=1683336398780197&bg=!0NOl05zNAAZxrfrxUa07ADQBe5WfOIzzyj5rK4cm-OeABU1L7iVlqVGh1veXBMYDueTnRnCDWAnop44ylIiOzRXx3Ap9AgAAALVSAAAABGgBBwoAsVIm3tZi8r_LmKf-1-0S9PZ57UMIHe8S7qKzT9ld6gE3XRbtLr_oTS5qjRKSZrM3rYDASj0A2XC8dHUmJjgDqhyeMTFDgKOylbnxKcUbSpM186wVJ_JiIBi-eiwx3rmQ8565QWExVDiJyZsU-8PZMZGS_stZBrfb_Pf-DrrrR_QHO-R6LO0P4nvTevmwxYJNtFC_ysv8ne5vdx0u-TpEN_knEaOSg9R5QiOmLOXzHfW8CZkC1ctCdhg9y4b6t2vEwHF2JbjHA-SRnMNUsgKjldVhCY3C1yZS0-X01EdBRYJ5pzmwQgOIJxIVOKkPGTRH2EES3wIlfhcsKVky77uTr-PD36VNMkQwjXsWDK1exWmdZrJ6hOsuYWX58E8QJce2NGWItQZX3b4ybij1zgqQNv3UaZvgPZoEfWJabAUd95zvLuEQz_C0zKav4mh8TBRxWq3v1BNX6cCFw9hwtyCB_oz6k4xVqrcC9kQIWayNDpL_pDzU_1BO3rtkuL71ADkHmcVRS1L0SOLY3ljljU9PmFs_YFmq5X9WGUQfcYvLybpPb4Oq0WcdcVrTJgvlDjT389DnNjooldqpzcNS5vt1DI7QXriJUiggDeUY1ajpcvbxVmGaBSQ1T_spdKgz-B7cnNiOM7dnErT4HA9YCnkE7gceVhRKCEmQlXY10mRGujKKxOH1OR1OmZF863SVd70XYmxx3aid7SV8A85k94dw9Pf5VRJ5IAmcfAfsTIWm6GCwAFR-q_76DqvD9g83EtTdTDOyl-nSwgfxsVhJXUf0zPUzJI5k3-tg1zkQCAq5RWn6aAfSAO4ZruMIrHuqTWrdP1plgFw6jkRtEhlmQ6PUjKKtbLXl5gbnu-psDqvrRI5wYe8H8LV-rSJCz6hcDF3nkgWBZ4-1ejjYdgIqnMk09xlNMVlq2Yg7yG8dPCiX09x9M8QjR1E7ieeDa6Wspq5F29CD-RjZmCZ5-TFxeCi6B8lYDgwrmCoIqnC3zgudjMmab7VmCoGoPJUym_E8X8nXPcUTccpIl_SKQOxAq1L65hhA2_4u3AKjanlnI0QUb3O9Fs6yRc9358n0jERc9GsZLvQjwL2ZWI8NGqC72yrglvhmh7KbkULfW3EZ4edZVnYh_WkPCd-G1WwicQvEIDc6Z9a54jaMTxOUMW8NkWbTQTVIDaLV3pyyqrOZdQtOCcs2q5BmhZMGwoT9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 bulletinBg-1683705718.png
image.useinsider.com/shopbagg/defaultImageLibrary/ 78 KB
78 KB 75ms
54ms Image
image/webp 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.useinsider.com/shopbagg/defaultImageLibrary/bulletinBg-1683705718.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39236b045ccceb2945a5903073218c4b91e41b2bcfbc06a0943378db2dde5b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:47 GMT
x-amz-version-id: n3Nyrz.bnCIQfuENdRMfEW4Ae9nMv8Iy
cf-cache-status: HIT
x-amz-request-id: SYF1VKKVG8EQA0J0
age: 3949
cf-polished: origFmt=png, origSize=157162
content-disposition: inline; filename="bulletinBg-1683705718.webp"
content-length: 79414
x-amz-id-2: c7bZqxzkU2/Z1j0TiWMbXognKNxPvRZsfGjGo4066ZJNLeY0ntah9zA7/XNS7iOYa1MNPRZP2Jc=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 10 May 2023 08:01:59 GMT
server: cloudflare
etag: "c22382af3ce95694772d2947b71b2160"
vary: Accept
content-type: image/webp
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 829628c80ebe65b4-FRA
expires: Tue, 21 Nov 2023 16:23:47 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
14 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: assets.api.useinsider.com
URL: https://assets.api.useinsider.com/css/info.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.api.useinsider.com/
Origin: https://www.buletintv3.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:08:32 GMT
x-content-type-options: nosniff
age: 245715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:08:32 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 73ms
73ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5idWxldGludHYzLm15LyIsInVzZXJJZCI6IjE3MDA1NDA2MjE5MTk1YjNlNzJlMWM5LjIwZWVlN2U2IiwicGxhdGZvcm0iOiJ3ZWIiLCJjYW1wSWQiOjExLCJ0eXBlIjoiY2FtcC1zdGVwMSIsInRhYmxlIjoiY2FtcExvZ3MifQ%3D%3D&t=c&pn=buletintv3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:47 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 829628c80ebd65b4-FRA
content-length: 42
content-type: image/gif

GET
H2 200 clipboard.min.js Show response
eitri.api.useinsider.com/static/ 11 KB
4 KB 54ms
53ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/clipboard.min.js
Requested by: Host: buletintv3.api.useinsider.com
URL: https://buletintv3.api.useinsider.com/ins.js?id=10007866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 431cada68f7c5eb041d16f5ba279d5817eabd69f0916b1781a02324764236ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:23:47 GMT
x-amz-version-id: Cam8fuzEH9hFwl0od4PaGu5cpNepAMj9
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 11:12:20 GMT
server: cloudflare
x-amz-request-id: WJ9Q5MAEX3TVTKHW
age: 3738
etag: W/"debcfafcba16d9ce0cdf9d9070e5bdf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 829628c81ece65b4-FRA
x-amz-id-2: QcUor4NoQerJ5tsz5dvU4cLAqGG8y04t0JCzITIkIMWmzYsqfj8YKoKvA2Bdh8aJsWj2xpzn3Xk=
expires: Tue, 21 Nov 2023 04:53:47 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WTLC2GCKZW&gtm=45je3b81v9118708698z89116590855&_p=1700540620971&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1702349986.1700540622&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700540621&sct=1&seg=0&dl=https%3A%2F%2Fwww.buletintv3.my%2F&dt=Utama%20%7C%20BULETIN%20TV3%20Malaysia&en=page_load_time&ep.article_author=n%2Fa&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.pagetype=website&ep.keyword_list_hit_scope=Nasional%2CPolitik%2CMahkamah%2CJenayah%2CDetik%20Niaga%2CLuar%20Negara%2CSukan%2CGaya%20Hidup%2CTragedi%2CTV3%2CBuletin%20TV3&ep.article_id=n%2Fa&ep.site_name=Buletin%20TV3&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&epn.loading_time_sec=5&_et=1939&tfd=10011
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTLC2GCKZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buletintv3.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:23:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buletintv3.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

409 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.useinsider.com/	1970-01-20 16:22:22	Name: __cf_bm Value: Zsnb1TvboBaojrh5Nn.Z5qf0dW9PvUhhdj3SC8SYBmU-1700540621-0-AeNTtc0xKbb4ENB8tqd40ICiU8nTtGyT79P5oW1zxu5v8OllOaj7V8u+MEvrRVJlB75dSANfYMnB1/m7YaZ69X0=
.buletintv3.my/	1970-01-20 18:31:56	Name: _fbp Value: fb.1.1700540621646.1948244316
.buletintv3.my/	1970-01-20 18:31:56	Name: _gcl_au Value: 1.1.888688266.1700540622
.buletintv3.my/	1970-01-20 16:22:20	Name: lotame_domain_check Value: buletintv3.my
.doubleclick.net/	1970-01-21 01:43:56	Name: IDE Value: AHWqTUnKWrPt93wnd-V4xK8UDqgFOUZMVGy4AM9bMRqtkEu4BcSxbTvSpG7CJQtc
.buletintv3.my/	1970-01-21 01:58:20	Name: _ga Value: GA1.2.1702349986.1700540622
.buletintv3.my/	1970-01-20 16:23:47	Name: _gid Value: GA1.2.1585871901.1700540622
.buletintv3.my/	1970-01-20 16:22:20	Name: _gat_gtag_UA_110467741_34 Value: 1
.criteo.com/	1970-01-21 01:43:56	Name: uid Value: b6040934-d28a-4237-882f-281ca5fcecf6
.buletintv3.my/	1970-01-21 01:51:08	Name: _cb Value: DJxD9nCbIt6dClahbn
.buletintv3.my/	1970-01-21 01:51:08	Name: _chartbeat2 Value: .1700540622280.1700540622280.1.BeLxL4BAzwUUDG2juDkmwvvBUBIzh.1
.buletintv3.my/	1970-01-20 16:22:22	Name: _cb_svref Value: null
.buletintv3.my/	1970-01-21 01:43:56	Name: cto_bundle Value: yCkcI19nemxZZmQyY3RYZW85Y002UDc4a29NT2RQU0VjJTJCZ2YwQ1RMVEY3NGNmWkNNWTRXMTFwTURtQVJZc2xpWFE3WFVzUmpvUzI3STNXdjB2Mm9CRnpjSExMOSUyRk43JTJGOUJGQ2tyZWRXS1VFdG80SHRuMUFOaFJKeFJqN1l0WVN1OG1xdVltJTJCSUNvMHBmSVdHSnNXWm52M1c2USUzRCUzRA
.openx.net/	1970-01-21 01:07:56	Name: i Value: 8bd06be2-2f46-4481-9bdb-116188311749\|1700540622
.buletintv3.my/	1970-01-21 01:43:56	Name: __gads Value: ID=60de2ce7f2489181:T=1700540622:RT=1700540622:S=ALNI_MZb4v_Skat5INNnLS-vhCxxa-Bgpg
.buletintv3.my/	1970-01-21 01:43:56	Name: __gpi Value: UID=00000cd66983674a:T=1700540622:RT=1700540622:S=ALNI_MYu8pJLIzcu-rJonnmqNb70xWHlwQ
.dable.io/	1970-01-20 16:40:48	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 16:40:48	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 16:40:48	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 16:40:48	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 16:40:48	Name: _kko_ck_match Value: 1
.dable.io/	1970-01-20 16:30:43	Name: _bw_ck_match Value: 1
.www.buletintv3.my/	1970-01-21 01:58:20	Name: dable_uid Value: undefined
hb.revid.my/	1970-01-21 01:58:20	Name: revid Value: blIAJjTYOhLJkaseEf4fB
.buletintv3.my/	1970-01-21 01:58:20	Name: _ga_WTLC2GCKZW Value: GS1.1.1700540621.1.0.1700540623.58.0.0
.googleadservices.com/	1970-01-20 18:31:56	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cfee556f581814255d418396162e959e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
api.dable.io
assets.api.useinsider.com
bcp.crwdcntrl.net
buletintv3.api.useinsider.com
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cfee556f581814255d418396162e959e.safeframe.googlesyndication.com
connect.facebook.net
csm.eu.criteo.net
eitri.api.useinsider.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.revid.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
i.ytimg.com
id5-sync.com
image.useinsider.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
locationv2.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
media.buletintv3.my
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
ping.chartbeat.net
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.chartbeat.com
static.criteo.net
static.dable.io
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.buletintv3.my
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.35.167
142.250.185.66
151.101.193.44
162.19.138.119
178.250.1.6
18.245.60.72
184.31.93.220
2001:4860:4802:32::36
2600:9000:2250:9a00:a:e047:753:a221
2600:9000:2646:c000:18:1fcd:353:c61
2606:4700:10::6816:3556
2606:4700:4400::6812:2a37
2606:4700:4400::ac40:91c9
2606:4700:4400::ac40:9430
2606:4700:4400::ac40:98c1
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2016
2a00:1450:400c:c07::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::714
3.224.128.47
3.39.97.207
34.102.146.192
34.120.107.143
34.250.99.225
34.96.70.87
34.98.64.218
65.9.66.122
0036a3aedc7e6bac50cf28a0d15a4457d9af7c8045ea728e0b7884c95f079dfa
005508497953718c5c5f765c3ec6bf8c7a8ae3acbeb4b362e1c6f3ce0deec255
006a6aee308630c58e50cc65aa6af1fdeea60efea060073769053fadfbb87999
0454cfc7f71698fac8a75099892c06562e78686ff9de5e70f10e073b78cdf927
054a3be83c428d1d7eebd8a0c280c25d8cc38aaa88b8ff24cd970ffbfc0239cb
05da67e77101eb55bb45ed769e729644573f7a19a67905b1abe4b556a5cfe718
075765a90340ea61675192508c5761df2fa7baa38d0963ea67f70f9765d0fcc2
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09cc1ba2f781bc94e2f489f366b7192c20d8b2e61cc579fea0170e23148ae406
09f75ed6bb87657862f468aa26d35de654ea17babeecd9515c89a792a88991d9
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cc6f66ba1e45880dadc9eb9aef569dbe898b90c9d5692f56c3c8406a8a4c086
0d557214a32f4a774cb002f840a8c965bba7f6d150ac19c56280b504246444f0
0e4c71053dd24543ce9d874c54f767c0452da6925f19f209f009f5ff19e29bfe
0e865847103154e58eb5743d40b2809b652b1a0d9b7df21786ced75bf66de86c
0fade114f64a0e4029ed96b153546c337c71ffd703bd29302b4acca992fed986
104c7d9601783a63913dc038d26bee92fd22f6dfe935e9a6a3c8867ed3b0ead9
10bcc85558ba35b51c637311b876869751dd89de1db3377c715197552e1bf55c
10c8d6008ed009d51193ddae953424a2924d87a1f6e0886477bf619e5c20fe95
1116a8297432a0f1bd25b783e3bd1712d70a3c294a40bfe93dcdb8a5416dcea6
133d037dbde72dac098912c20eae935611663b5dbbab7678707971d7c288b47c
138c7dc28a5071a21c68354198acf907495a01a407c0d703ac7f71a89606043a
146170343b224c62da3f92b1f91fd6b84590aba0746ae311bc5cb10af7420a0c
1668cdb83aa3dbb53d682c8fef4d54f728e604ff94b1c213ebcbd64a93b3ab51
16eb21a30683813b277f9be26ea1e0ab9dadb588e5016170fce4738922046fda
17437d6a0c1e9e33528cda823f8b8927e5445a47c49b91374b995c53baf13dc3
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1900b144fc905f8c8e049e865d72edfb4c6337fc6fe8e371857b72ff770fcb28
19762ac49693a81741f3d6ccf7a68ee30534192cfa3f733871e28716dfacce90
197b913b18766d7708f98eaddd890ef50ee717d1f059f0e4a16aeda0eb9c74b7
19937e0104eab4f38307ebe257f186669e452de812509e52b71e5b915a8a629d
1f6fe2e8252bb102633ff95ff99a44f64e7bcb88e90fe338219917edb28e8f1e
221ab0ed2077199a1983385a319624a684c5d0a68bd5ee5a96ce03859453262e
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22b909db3503e1350eaf977d9dbedeea099ce0d0980da11bf5249ea2b8431db9
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
23e08d0821efcd58093dbed065e769013ca0c3a775a1d4c46f00b60f848b3c8c
242cf9e606c03058ffc7f1ca6bbc3fe3f3c02b250721f81e62b5fc1197e3295b
24dca46de3355afb857272fd200987cc1e5a5bdb7a8d7956ea50fac23bd85266
2b659e725fdf3852a3fbff8a729431fa628cdb64f133723f18be537976d66987
2d0ae7cb0b5e8d6e4eeac1afb7ac20071ba1f407915a6092948237d9383e2c88
2ea6d31c5a725c6e2f70a1abecc6378b6c056cbd0ac564a4b728934d460dbc8d
3017945f484c9700b3e1fa37fc6064b0bdb62f5318b1a25c93341dce7de8d11c
307a124700705d26faf7fd71e4041eda45bd350cc71f3524e63f57eac42fc62f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318df846273e84ebb961eeff782c6b7692bc059ae5918976a0fb70bbc6ef85fc
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3748607a7163c42f22bf809e44d5f255fa4f42a756064180aadc545e60f12f23
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c3ca79a01bcd2463210b2ebc35761eedbf2dcf7341626efc93b19f5277461a5
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f8df6f3619442499c34784324159b55d118fbe0f3070c63a8554d766a4f7a9b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431cada68f7c5eb041d16f5ba279d5817eabd69f0916b1781a02324764236ca3
44b3a50fdef072b48fab2a862cc978a76317f04d31c984fbdb45080a3d457a5c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d65c4161dfe59ef7f4a176fa12c561c89040ab544b5e6308691552f1228e26
48a8e0edf39bbce7b1a143f16388079bbfa004a7b9ae5df50da50785e897c455
497ef239bb26fb4cd84b43b94b4115bed00f593cbe27c57424b4796f993e5eae
4d35e91a0ab25ac7ed62dccdc96c0d2bf6c72112ab3a4f04c6e8ba5984c74e7c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc32e6fc403d791b614e173174cf80dfabf2c4a9fd3e4f8c58134c19a1248e8
4fe2cfc6c4727fe4361216d1b282bcbc9150db96cfc6c879923eb0c3423b1aa2
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52f9b838a0fcc89984ec176870f6eb715e360b7092578069183a9fcd8f3b1426
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53cde1183bf689436d50ce9e9c7268e186deefeb44951c3a75e106d23760d33a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566b727b58622e3e0cacbcad4038ff3c4f286b62156440d943d348cc669ca7ba
58509914fa12bcd1629aec901f6b62de6c34211913e95039d44b6bc789645c73
59765f5dd9c5fcd35083de00d5a48923302c9a878bef8aceacd78c56bed2bc74
5ab2f7936ce9fb0528675b3cc5d51dc1c91c8b0b40971efaf4970fc6436cf951
5d5a04e848e47f0a45c5a778d3905f737e9de90909d484e80fc42626f4b547fb
5e86a2ece5692ebb6ae47a4ffc9ff35ec1171867ca20d6a4c73bbcbff1cc481a
609b1e47b47f2f319c93307e295c7f734f7398b8db7e97ff9eae80fe16bbc63f
610a34411d12d8fffd5fde9e83ad26220895f97c33ece6947ad02cf8ace56660
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67544f2e1cc5b1d90f2214040fbd4b8a8f5a7a4126e8958ea750bc4992a47e5b
67e7fc505584f40226ee366a49981e755b22ed6d7ea5a7d164c60eef4ac42a0b
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6b08feaf1c16ee3f37db073e611c99f7340efa4530c3b1360c6cea0d045e72ee
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6ee2a7af002ef975a144e713054348c5651db5c926fdeb141a194dd4d5b413dd
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
730f32b33beefed1716a7e28ba9e299288de56745c33bc21c6a9de1c998c00ee
73d422bb7447d222734ce252739eed14365961c23cd472a516ef3a167e05823c
7780665858c82f032f9bebf815bbd94a80a2b3d4e52ed24c9e72c5ff86b93167
7824fc07eb9717c3857a045e4fd7609e413ce1d2af19459c5124bbbe5b0c2197
798f2fd8b4a9c824873c54cefbc9f20a021f3c1e005209e447e1083fd7c2f426
7ace59476dd3f4f9f4c2a14e327afe5c5d064b5a751dd1f7a988a854a2c276fb
7b24975cc8aeb868ec0eb4de7a0e1e38ff55078888e54c7a44621f94491caa00
7d7b01ec2de5d6dcba8437f7b220e1730efedcf321c78832a3b5a4fbbd509f0d
805fbb16149765bffc2c1bf049f231d04854bb2c6b448a95280998c0b5b63397
83e14a48336fd74a0d7411d2ecb801f29edb0c0c31043f73115ff83d67f86c53
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
854cf5e7b72476cbefa2a8d254dcaf647e80374d83a172907641be2b861edb57
870a1110a4926700f852dc48399542a32c8f6fbf774778de6fe180b747f30c73
87a4aedc67e80b290b6d39a7e013e3684d2bdadb6797ec975f0faee3e37d4380
87b76577870f4b6238f98641696649d8f0522ad814af874ac5b29dfe37ada86e
8b9dd60afd8ed654d252022546b514ca6bf7d8f2072e34018e54798a4fb0341d
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841
8cf71d5e1766f2cdc6525106960ad71e9a1907938abc2ed497918a8f964b0798
8d3100d069f52a941686607d17afdd183c04eae277e27d68e1746192e181511a
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22
96313211d7bf074cdb4c8054501cba3e02ef2a6e87df9701aced5e8c72eb42e6
97f56e8c8ebe238c5f7ac1c9f559c33a66a8e168ac07b952ebc5837af57c0d13
9bc3c797212c1e8af33234fc30cd61dac98dce29330da2a64806b75c311a11ff
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d8a1e983c57b6d5856c58c08c695787b1baeade6eddfd8388a3f2fef633ac78
9e771efb2a0c3fa2e871bf4846415d5355da3f765d2d21e1d05b889ab3c04596
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a18519952b94a2038942dfdcc2ad46fba85dd4cf8b2b2cef2d9b413ff705e625
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1ced681ae77b0f95e9f01ab28c5ae4c97318df43f3d0079eb3b8767ba10bc0d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71c68c362b3ac9717ddd1f7d2bfbf96c51de962a8b4c25850d295f28ec03cda
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa02c02055d229edaa708ea1757e126d24ea4fd3def740c5437365b2604cf57a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3aceaf54fd11a2b48e6a368c83f5116e6913f1a2b9fa6257db97f6a524a79a
ac9e676f6ada1f43b6d297011e58d25045af7a5ef8b3d7b6506448c8a793de44
ae590f8e00a0c1057aff6057537047091bf5b9db986484c5970c9ebd51682547
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b4782513408b20f59c0d82a456a0dc21137103a3b92fdd7ea3322c566aa3a674
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b89f47e5ac40138f0af656c26f9e6612cccb76bc91c704c46d184ad0272320de
b8dcfa77128404119f28eb65c03a9ec7e7251aac5075f6d3b2e1a770ba80f372
b9dda51d4f414255e9a9c329113dde2345a6284fd7b47f9fcd245ca9169eb43c
ba1483497509fac0c1aa43ecda5ea7777c52ec71cf7eb88dfea60e2a9d43a34e
bec89b89be6ef6fc3b3dbaf901774024e52f315a9e327623f0e51f267d73dac1
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
c264f82677f9292cc031771999d6bc18495e598eaf271c003c7e5c97ae19bd7f
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
c3faf853c2873e245c02fab0081e6026151ff532a2f0e6e589613aca4ca7aaf5
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caff589d0a313eef2a28cc472e706daf3e9e8e2972aebcf50a5ab79668e21f20
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc5343e0c0e2b92d8de63fe8976048f89b11ee1510f95b9891edb18172f06d63
cda2c8787b9e600e0d478572b1fabedef4765c3b18a897324686bdd66eac3b44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d28fc24d827dec681132334e2a9a0f1bebbc52cdeff97ab711e38226662e00c3
d3d14277bd19f93777d1ffcfa31ff1aa66e82b8de47d60df3a6f66d9837de8d4
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d70938ce0aaef39ac2b9541aa7c536b7cc70ad8d52acd15bff80c2c04acc2d9d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d90082b352225bc9d0f5fc05da1141ab7d9a7744ff88fadaac6fad1813ae5a1c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
df7a64087eab9b9cd76e064cc9db4025d6661f9e4b0f2ecc2c8c9002d48f96a8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e2e0e5527edc4ac1047d0eaa2b8d57d9209f2479a285be54824929bb677548dc
e37cd23b73a6f7b3d52949052fd8bbeeace01d07dd30a3b6bccff3e8e6aaa106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80ce02e2c801308ad58e29209ba4a1e17e04093e37f0f169533fa54ea38c10d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cb44926f0afb4b69769237c87604cc52f9b74c3fc58fe91bfb6ed553f7e80e
e9ac87e5636e1376f54896af4f3b1a29100065a905b9ebb4219cd92f528b14bf
ebaa7afc988e5734efa43b9b6ebea3020bcb07a993f120355c91c4af985ff833
ed158c235e753d1988245e8999460fa86bca599dd421409bfdb484cf3f52161b
ed51edabd51f121744898d4e628b8265ba59da0fbd5af5c1a72bb3f1988227f0
ee6d0895565fa7d13147e4be88dd12725c8ec7e423927887c21658571bcc038b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef951c890b67caf49564e47e1768760bfeb2b1935e181e85570caa47de84fbac
f0a0db1c32dd0055986495d5be1c0f0a9cab0a0326489460cb5368da88dd9962
f39236b045ccceb2945a5903073218c4b91e41b2bcfbc06a0943378db2dde5b2
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f80ce17dd006b69c7e3076fd0cc1d2309406bd5c1a9c62674897fbd6feb21aee
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f99e235f9b3f7db7e05e2c5cfce5da55491d0e70fa177765ecb74433ce0eff77
fa59ea4f709ba007c6ef7197493f6031b37385dadd80f2ac7e594c961fd07e65
fb7075cd69d86aa958e63f345d14d87b1ca8ad079b05b10d1ec6a4ba28488ca5
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fdc484c880095d9231f38a354bec386b19509494e0d4d26e091e217e0aee01aa
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff2819f882317412b7579aefcdf767d51b5e4f1e231dbc9e50aeefde4507eede

www.buletintv3.my Open in urlscan Pro 2606:4700:4400::6812:2a37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

98 %HTTPS

71 %IPv6

35 Domains

60 Subdomains

52 IPs

7 Countries

7338 kBTransfer

12938 kBSize

26 Cookies

5 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buletintv3.my Open in urlscan Pro
2606:4700:4400::6812:2a37 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

98 %
HTTPS

71 %
IPv6

35
Domains

60
Subdomains

52
IPs

7
Countries

7338 kB
Transfer

12938 kB
Size

26
Cookies

260 HTTP transactions
10 data transactions