login.blokchaln.com.protect-user-account.com Open in urlscan Pro
185.178.208.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.blokchaln.com.protect-user-account.com/
Submission: On May 17 via automatic, source certstream-suspicious (May 17th 2021, 3:30:40 pm UTC)

Summary HTTP 398 Redirects Links 105 Behaviour Indicators

Summary

This website contacted 69 IPs in 11 countries across 48 domains to perform 398 HTTP transactions. The main IP is 185.178.208.136, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is login.blokchaln.com.protect-user-account.com.
TLS certificate: Issued by R3 on May 17th 2021. Valid for: 3 months.

This is the only time login.blokchaln.com.protect-user-account.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.178.208.136 185.178.208.136	57724 (DDOS-GUARD) (DDOS-GUARD)
48	2606:4700::68... 2606:4700::6812:5a47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.103.170 13.224.103.170	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:800:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:9400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:3000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
44	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	99.86.2.96 99.86.2.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
3 11	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
23	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	204.236.217.48 204.236.217.48	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:f400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:dc00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	34.197.178.4 34.197.178.4	14618 (AMAZON-AES) (AMAZON-AES)
20	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
91	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	104.111.224.62 104.111.224.62	16625 (AKAMAI-AS) (AKAMAI-AS)
8	190.2.153.150 190.2.153.150	49981 (WORLDSTREAM) (WORLDSTREAM)
2	149.129.240.178 149.129.240.178	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.25.98 13.32.25.98	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7 10	3.124.251.221 3.124.251.221	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	35.156.250.242 35.156.250.242	16509 (AMAZON-02) (AMAZON-02)
2 2	18.196.131.255 18.196.131.255	16509 (AMAZON-02) (AMAZON-02)
2 10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:1f18:612... 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37	14618 (AMAZON-AES) (AMAZON-AES)
2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	141.226.124.212 141.226.124.212	200478 (TABOOLA-AS) (TABOOLA-AS)
2	141.226.124.240 141.226.124.240	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.208 141.226.124.208	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.233 141.226.124.233	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.194 141.226.124.194	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.213 141.226.124.213	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.227 141.226.124.227	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.212.16 184.30.212.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
398	69

2 185.178.208.136 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

login.blokchaln.com.protect-user-account.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700::6812:5a47 (United States)

ASN13335 (CLOUDFLARENET, US)

www.freemalaysiatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3media.freemalaysiatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-170.zrh50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.2.96 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-96.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.236.217.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-217-48.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:dc00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.178.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-178-4.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-98.fra56.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.124.251.221 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.250.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

analytics2.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.131.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-131-255.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.195.5.38 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.212 (Israel)

ASN200478 (TABOOLA-AS, IL)

t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.240 (Israel)

ASN200478 (TABOOLA-AS, IL)

t2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t8.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.208 (Israel)

ASN200478 (TABOOLA-AS, IL)

t3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.233 (Israel)

ASN200478 (TABOOLA-AS, IL)

t4.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.194 (Israel)

ASN200478 (TABOOLA-AS, IL)

t5.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.213 (Israel)

ASN200478 (TABOOLA-AS, IL)

t6.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.227 (Israel)

ASN200478 (TABOOLA-AS, IL)

t7.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	googlesyndication.com 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	2 MB
52	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	311 KB
48	freemalaysiatoday.com www.freemalaysiatoday.com s3media.freemalaysiatoday.com	2 MB
46	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com t1.taboola.com t2.taboola.com t3.taboola.com t4.taboola.com t5.taboola.com t6.taboola.com t7.taboola.com t8.taboola.com pips.taboola.com cds.taboola.com	272 KB
20	ampproject.org cdn.ampproject.org	421 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	295 KB
14	googletagservices.com www.googletagservices.com	478 KB
12	google.com 3 redirects www.google.com adservice.google.com	884 B
10	bidswitch.net 7 redirects x.bidswitch.net	4 KB
9	mox.tv ad.mox.tv bgstats.mox.tv	124 KB
8	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	37 KB
8	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	367 KB
5	rubiconproject.com 1 redirects pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
5	m2.ai m2d.m2.ai analytics2.m2.ai	143 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
2	advertising.com pixel.advertising.com	249 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1017 B
2	weborama.fr 2 redirects rd.frontend.weborama.fr	579 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	755 B
2	openx.net 1 redirects u.openx.net	504 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	innity.com as.innity.com	1 KB
2	innity.net cdn.innity.net	7 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	google.de www.google.de adservice.google.de	272 B
2	google-analytics.com www.google-analytics.com	19 KB
2	protect-user-account.com login.blokchaln.com.protect-user-account.com	35 KB
1	tremorhub.com taboola-supply-partners.tremorhub.com	183 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	503 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	548 B
1	adnxs.com ib.adnxs.com	694 B
1	adkernel.com dsp.adkernel.com	233 B
1	2mdn.net s0.2mdn.net	17 KB
1	mathtag.com 1 redirects sync.mathtag.com	691 B
1	quantserve.com pixel.quantserve.com	372 B
1	chartbeat.com static.chartbeat.com	14 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	mailchimp.com cdn-images.mailchimp.com	1 KB
398	48

	Domain	Requested by
91	tpc.googlesyndication.com	login.blokchaln.com.protect-user-account.com securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
44	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net login.blokchaln.com.protect-user-account.com
30	s3media.freemalaysiatoday.com	login.blokchaln.com.protect-user-account.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
18	www.freemalaysiatoday.com	login.blokchaln.com.protect-user-account.com www.freemalaysiatoday.com ajax.cloudflare.com
17	fonts.gstatic.com	fonts.googleapis.com
14	www.googletagservices.com	ajax.cloudflare.com securepubads.g.doubleclick.net 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
11	www.google.com	3 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com login.blokchaln.com.protect-user-account.com
10	x.bidswitch.net	7 redirects am-match.taboola.com imprammp.taboola.com
9	cdn.taboola.com	login.blokchaln.com.protect-user-account.com cdn.taboola.com
8	images.taboola.com	login.blokchaln.com.protect-user-account.com
8	ad.mox.tv	login.blokchaln.com.protect-user-account.com ad.mox.tv
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com srcdoc www.googletagservices.com
5	googleads.g.doubleclick.net	19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
4	sync.search.spotxchange.com	4 redirects
4	sync-t1.taboola.com	am-match.taboola.com imprammp.taboola.com
4	match.adsrvr.org	2 redirects am-match.taboola.com imprammp.taboola.com
4	sync.taboola.com	2 redirects
4	analytics2.m2.ai	m2d.m2.ai
4	trc.taboola.com	cdn.taboola.com
4	platform-cdn.sharethis.com
4	sb.scorecardresearch.com	2 redirects
4	fonts.googleapis.com	login.blokchaln.com.protect-user-account.com securepubads.g.doubleclick.net
3	id5-sync.com	2 redirects
3	19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	ajax.googleapis.com	tpc.googlesyndication.com
2	pixel.advertising.com	am-match.taboola.com imprammp.taboola.com
2	ads.betweendigital.com	2 redirects
2	rd.frontend.weborama.fr	2 redirects
2	ce.lijit.com	1 redirects
2	cm.g.doubleclick.net	1 redirects
2	bh.contextweb.com	1 redirects
2	u.openx.net	1 redirects
2	rtb.mfadsrvr.com	2 redirects
2	imasdk.googleapis.com	ad.mox.tv imasdk.googleapis.com
2	as.innity.com	cdn.innity.net
2	cdn.innity.net	securepubads.g.doubleclick.net
2	ping.chartbeat.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	ajax.cloudflare.com
2	login.blokchaln.com.protect-user-account.com	login.blokchaln.com.protect-user-account.com
1	cds.taboola.com	cdn.taboola.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	pips.taboola.com	cdn.taboola.com
1	t8.taboola.com	cdn.taboola.com
1	t7.taboola.com	cdn.taboola.com
1	t6.taboola.com	cdn.taboola.com
1	t5.taboola.com	cdn.taboola.com
1	t4.taboola.com	cdn.taboola.com
1	t3.taboola.com	cdn.taboola.com
1	t2.taboola.com	cdn.taboola.com
1	t1.taboola.com	cdn.taboola.com
1	taboola-supply-partners.tremorhub.com	am-match.taboola.com
1	am-vid-events.taboola.com
1	wf.taboola.com	vidstat.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	bttrack.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	ib.adnxs.com
1	pixel.rubiconproject.com
1	dsp.adkernel.com
1	match.taboola.com
1	s0.2mdn.net	imasdk.googleapis.com
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	sync.mathtag.com	1 redirects
1	bgstats.mox.tv
1	pixel.quantserve.com
1	m2d.m2.ai	login.blokchaln.com.protect-user-account.com
1	static.chartbeat.com	login.blokchaln.com.protect-user-account.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de
1	l.sharethis.com	platform-api.sharethis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	ajax.cloudflare.com	login.blokchaln.com.protect-user-account.com
1	cdn-images.mailchimp.com	login.blokchaln.com.protect-user-account.com
398	89

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
twitter.com
www.youtube.com
www.freemalaysiatoday.com
schooladvisor.my
popup.taboola.com
rfvtgb.novelodge.com
gain-intl-dental-implants.zone
40574c.nmptrkgqczwgnrb.com

Subject Issuer	Validity	Valid
login.blokchaln.com.protect-user-account.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.innity.net DigiCert SHA2 Secure Server CA	`2021-05-12` - `2022-05-17`	a year	crt.sh
ad.mox.tv R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
*.m2.ai Amazon	`2021-01-14` - `2022-02-11`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
bgstats.mox.tv R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh

This page contains 30 frames:

Primary Page: https://login.blokchaln.com.protect-user-account.com/
Frame ID: A8BE4CDDCD17BD13B42BEDD3FB39D63D
Requests: 154 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 044C78296985097CDE278D1A384FE1B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Frame ID: A737F6C0203C5F1C99A37024460E6DE9
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss43Y4Y9KqJtT_eLZN9kjWShLFlc06VSXR8O14mAlKWdGDkyLRbNSiOpG9M7Itnyf9qU4snM8btpvh1igJ5FOqlDrgJ3amEZL61X9jqapUo1JdoaqQUbcmiQLfkajFUrQZUGWTXvCnJwppKz4z3n9C84k83-6L_1UCu84_nN3br9tSRDbVp17RoJ8JjW0mIjqzxGARFw9Me_JSB2CyqYOT-AinA50ryseM2xXT8vt91KOcGQlatWhLeLbFqLNLM7GgMMOIuTnCKznml0K4Xbq0MOVHcsVbMi_rH1Z4p9AZwATw-MjVYiq2gm70zKT1oSeRIMNafBovotC_Eb2AoLo-plA9RHKfHHOqY&sai=AMfl-YRk_WP4LXN6VkorQXQY_2UV6bKDRV2pFwC2iwlMs5VtsCeWi2XLNsutsTnDOjoXlfaqX6tIz2SsuHeLksRQdOR7IrItLEfCY9xrQIE0QnDdNIDlcCr4GTgJ2BYTG8H5&sig=Cg0ArKJSzH2wcTETop06EAE&adurl=
Frame ID: 0FFDDE20B1906540FCB1961480C579ED
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspdvAWIxdtEij92EomGc-JnjE2MZq6ggiM5wXP_Pfkc4wlJK2sAaZBSzK0Ze0LqlbSW-ARkWCmOJInjcOj9yK8emZEcpH0plHTeRUNBAfSelxftapEsDUsZK6FyfT_AvYUZ-MWI3wo9XWsf3jlNXrgWrXZe6eC3fmBuAZJR2LimgXwaZvWjh9d7CbcB-oIky1VRCnYGenoWK27z0uXWohsSb07r4afr0e3_O0Abt0-j0BPyh-y9ejzKAgwzaFi88CavrYSgYMXMLq1K7FbfAg2twElLNVp9scKKR7QssqSQHsJuXkOdfmVVd_dbH8plgiKHS__hFFKEtN1b5UacvdBx_fBLi-gmWFxgTR1&sai=AMfl-YQ1fDWLe3U0LC_nIAO-CVZ1r-WYQs4K4dY_eVnqk2eXihMvCv3zIMKD3qhiM9Ezmij2zCxZ-oXPpknlaEf_dNXMN1EmfYYW2kThmKqEU3fSO4HjAzvn5DRZIa3AV5uM&sig=Cg0ArKJSzIQ0EZysDCSvEAE&urlfix=1&adurl=
Frame ID: C42C3EC03FBF6E95D5226FD0FF4279E8
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszouNBhbtozbEFha-6KU0K8pG1TX_SsRUarJILVabWCZ6CfY0I7NfrztTl8rewX6d7oAJJGfRd7NXNe94xXuVAlkxTTpDeL8KsshO6Cwi2VPWgGyoTJfXjXUGmOmE1cKaqSwvTbW_RKykJSTZbJeIl6bpX5JJ2Ao361g48kEMPJMzfrbU7cBxFzaC8oSKbHHy2Fq_Un0MvMRNwD7kQOd9XG2vscSan-qO3yazf58Ul7tqqhZ3SRMG2yajPMZQUDoW_3FUw7rzCoboknjiz70ED0NohKdAm1LJoOYZS2m7B_PSMuqGiHGIEVqPn9-ctLqYK92RhJm6X7E5A2YWWaA&sai=AMfl-YTUlQIBjCgAT5wB029YPbHJSsEyD5Hz-qjsPWFwbpfjys_aCD7HxYLLxHyqQccMNnubchGtjgdcDWEe3S5-4Bn3RsYyUF15w0EaDew_Kk2xMMMJPne5RzncA9szKeg&sig=Cg0ArKJSzKTgboNsDxfYEAE&urlfix=1&adurl=
Frame ID: 98144037ADEFC009134936E987F19C45
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMV-OIBp7t_JSv0PaVKtIHIUUZTfqjkpr3UR1v_itfBk_nAk_6py5d2p4viUcuSQ1SERIlGwDrKsUu9UqpRcU9YJCwysUXgxIHIjW9QeThHQRtacvQQ9U8gysFwCxtS9U6IKB4rMM0rQPo6iaK7n6fa3Xdx9oOPNa7Y950IEF5xTZMUj8y-drmIkOKF8WtUWa9NCWsHlPFLxBivksn6uxfugAIRButJvo5PC5O5WiKNNyZmHrQ-k-GcQ6tk2Sf4jVc66LnptIE9A-jFo0wBY2nNcrRjzOsjhSest7xrdci-SVoXAE6hiGNf_64B-M8VKJxLDUWS9JxW6Ke6pR5a_siNX26wycu_kuT&sai=AMfl-YRNC4styC9lGA8rV-Z8BvUOehCNCohQSa3FL7p68p_0-ZQT4W_9cUAbS6e7-S8TX_Jo4o8CGRqWIDBe2oHqWssDSjCrRyw7vSHLJVXJN9Nsh8V5hH5Nx7Wj6PbQF7I&sig=Cg0ArKJSzByFQzDvDa71EAE&adurl=
Frame ID: 417CD48532B273FC94987293F73E019D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 554D10B984F6097B22EC60693A5EE51F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A61536E9A9DF81A990F2E0BC4C9C9A3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: B225AC7AE54E8F17C05769B237C02F57
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 9D1997A6335FCAE72966DC9DFB79F147
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswoHn8FXFDO4zqYfYhk2OfFCQNt20G7j27Lu6WieLZogl1C16h_brCLwgZBROALBlfEPQgYsHuVSc-J_0LM9_S_FQjaunrAjMt-Ey5IZyVNeendLCIyrjpK49qFnInYpV4Q1TrGf__97Jz98NYo-MTB_BG3iD3ySqJ5b4s045p0FLcdiY-QApVzH9ZlH0Mwk6rw6UNz5IdwiUdeZYNOlGXrCPFjDxnIrT8zs2aLyLEuVVJTz_8enOyVWgyqfp1xpqu3rFNUIp6mEzoFurgUoh0cWfTLzBDg2l7-1mHU7ClOSNEyas_zOEJZccBkVA1cpiX8wbhr7CXfkjWszGae5Wdghp-iLKLHNpdJpXX2nvKnxz_&sai=AMfl-YS6s6m8WM40ZGKC9qaTzrSBVKJL9st17dQlIK6C5s2cBGneBsk805UbG8vjTBGOwQj4d3LK4eg_YsK_wLt_bGscvihcdFvbaWb6fxd4H_QOxJE1hj91add6Up4dMFaX&sig=Cg0ArKJSzPpObcIaNjhtEAE&adurl=
Frame ID: 9F36F1B303F5BF7F54EF45C0F26079DE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT_QjrsunE5n9uX7v5CAFj5e39BSqixjhCCw3Xo7ws7V4tpkMN57cOCUJTTgvRQwy8lyJq5zsJvx5Um-XbIuO6_BH9APqB9YGck4uFuAN_Y7HQ4blxRxCItdswR3d4_5E0W3WMW43FZnT5KZ1STkgLS2qlUMazg8b72yxEyEeKyskBbJxRdZ_3YJYtec_fGC2GPI5IJq-VOBetA_Bi1u0JGU6XNFRy1rPRrpALfH5EvLwTFz8-JB_K0BxyCwg5-tyIRaSUzY3o00DqFgmpV_1bFwgCv0AT8-9ief6HWD4YUN8jzVSCTdyHEoNkkQ13bzzdrgyzTYnjMEiFV9xA0Cnx8XS3AVGtnGjXTCia&sai=AMfl-YTLpKZYjeVPHqykx-z6RGZhzrP1td6-11lizH0M1FjqsKkA0n9X41CcpEI0LbVPjP36zzHyhMBr7nitL582uogNt9nLeNbABsm7cxKLej1YlEqDPvHeXdzr6bJsEtQb&sig=Cg0ArKJSzLSPuTFupxnTEAE&adurl=
Frame ID: 0C55C63260541E3142B33A67D600A6CF
Requests: 6 HTTP requests in this frame

Frame: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A9840DD85BBD5270252E13F513F5D140
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 0991A04B4024AF4A1F56FFA2CCFEFE1D
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.459.0_en.html
Frame ID: 3A7A2215318C865BBCC0EB1FE11AD85E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6EkJtmZusoHX5FUbY-k8MkNzztTWMgU4PwY4ROUP-43Nn6l3X3EtraFKkIXDr8nhGMNwUnmKcSS8QtsWLholgirXf9o2NiaP8W-R4sWuVXh--51XYCpUiYJm935I6IOxf9OzUzWt2CqX7v1KQf8wciSwzFWzMSdjLr6rOOEI6JTcyby7XTqzge9hbyag8z1fTmiKjtweqKLqG8vasYAZB65z4ap2jMtToGnyINcLpDhJnrUEGkQkEDDFpXEWscP1rtvHXTfvuo13NIhW9S0njN3KEdEwZFHvoeaDaBlQbaf14bLeUYoe9af3YrIBvuV5XaqsigXqqfTis91X1pb1NLF8YMIkdDS1sLxgP2CM&sai=AMfl-YSqyOffMTEmxrB5t4z-fWpOVLTwq0b7a6MoQbokwgIs0lChl1ocdSjlGYM5oVJtsan28a0ih9x-39fsI2T9KGI2hEQfWLzDKW5GpgREHCEzMBhjs0uSowJESW0xsdQ&sig=Cg0ArKJSzH1TkR1PVhfpEAE&adurl=
Frame ID: DF0412A04E06CB187EC33FBB5A5E4BC2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXcDkmaKdhjRkPQ9F1N7zAQhQBXWkvB_gGe_0NDud9AAzLVoo18YLmXCYI_ZpT82SUaHOPdwcZB3aFLHIMx4q2JQva3ctEPx0B4u1ylvbapZ_fuCBFkdclDb4TYDN3WNGCrMRU-43wCKY3WJoXp1AdF6jyqweK3z7yG_G8ijDvXQYqU8IBTOEKNu5nTdpBrEVewvrlOHS6Kx65_TeD2ZSWaT2rjS1LZOjWvQCbLpLYcjx5MeQI2hVvMGsV_YyFPyGGGaYpSpg7306CM-NjLLJoh4HIrpTA3WuGqjJHGEMJyVGLDSr10zFuxtHUU9Iaz7BI67lfp8DzyWDraVhhsP0rGBMCSc685Jc&sai=AMfl-YSMcUk5OtHqURfoar3WdDIOEt-RSKfolBwPy_fFjrgQTpF1Z4UcKDeyyqvub_t_-7IJCSBr74H3RFmjI-X63m_nPKMLAUVvlZ5NGw-0Aza_qD4jSghIQ-ZV_gZoB7c&sig=Cg0ArKJSzFWYDV1bnV9YEAE&adurl=
Frame ID: 7B8167077119ABE102906A2D8A96CB96
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbBIyMQM8Dyp7cAcCuceblKURUpX4n-BNk3uPzgabFyijD9Rv5FVu32nzAbLdqlrL_zG3ecjegdTz6Dne500GT1nv9-1-t_-7xwMfW5GOXjgeGbkHLk2aZVPirYxtofvuZPY51UHn9ZVZIMh0ahzIOFm7UFlsKX9pbMCSskmdz2PxaePEb10f4N_T3EKNtGdklZKXjBMVXRL07ALINQxBwD0dEbqvd6UkTcfwq7tE8y5zt7raxdi9YhkXee8tOO0A-GJesdT_A5gnsloa-KXUjLsSFoUhDabD-n2qEVOJcQYQyctVoTosCazkC2vvhwZoEZD6bHxqHdIK9i0wQotscMHf4WG2cJq6Ux3eeVf0&sai=AMfl-YT5p4NZWN_TVPvAC4C_fOLU4hZ5swhGr9thT7Urxy0vUzWbAwcLKVYqpddwSHYbUZg2hwVJMtAinHe6lI9DilpdckxrmLhh5oJr1c3JT7K1yRZDUbKo0xXbuyu99pU&sig=Cg0ArKJSzPbuMzAj41CBEAE&urlfix=1&adurl=
Frame ID: 560383837FED357AC303168A49CD7FF9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ4z6xgFWrQsli2bRIuRrCCP3o7wJrWVMI8useK9MEtHCGIItxax2MMEVM6V8NqPM36F6-dnOxu8X85T3TnEYCvluksS42HzpTRB0ltCeSHDWRSLbez6mbwdOWaUCdjKlbVUa1ci7eyjPluQcIL2RWhHK47UfejH2dHimzz06Da-aIyAPeGNNm4e5WK0ApqPknN4ey8f3NhSPoovQBy2vgh4uTN1VhGoNu9-87gV-ai7ZFqoOcjqqdYqTIhDsGl5Vs5vGn3z8WkxKRoTW1SL1AwJWbh52NBFxgDMaijhoUZ4TZEbVo4scPj-5nQ9tp6Bq1wYKuPRWGh6a98-upFTUUTN887Wrm5xk&sai=AMfl-YSQK1gsRq_B3eP3QcnNTYJxyZo0FXL2I0VLv7nb_s9rik583GCyB1Xpd1LNw55AeK1aW_CRXgxYpeuRNDpxfonq97biccBrQFAhPSQicH7LlshMNrhDHVuqevW1mDUB&sig=Cg0ArKJSzFeZRlXVgIa_EAE&adurl=
Frame ID: 2F2B76C3C12787EE89371D53B46CF65A
Requests: 8 HTTP requests in this frame

Frame: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF834EA84FC78CEDC7AFE31ECB9F4D2E
Requests: 8 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e&tbid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c&query=taboola_hm%3D11bfef14-cade-4406-a1fc-da8fb4686b0e&isDirect=0
Frame ID: 9683AE423514161E0FE00F6C7038F464
Requests: 19 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 33DBE14001FC9F1B7A8039A036450364
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 44F4451F2E539CF23779F675CCF2AB4D
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html
Frame ID: 55D42261660CFF7730ADEACBF4EEA2D4
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B9CC1188BAC1308F00C99A3515584108
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html
Frame ID: 31A70BF6B70E39D3661F2F020DAD01D1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4094853F09D02D783E69801BC40FAF73
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 25A4172F91FBD53743B6F42A6AE58A8F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: A83BE75B31C0CA5DA3C63FA9DC81B82E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

398
Requests

95 %
HTTPS

37 %
IPv6

48
Domains

89
Subdomains

69
IPs

11
Countries

6045 kB
Transfer

13223 kB
Size

0
Cookies

105 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/freemalaysiatoday
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/freemalaysiatoday/
Title:

Search URL Search Domain Scan URL

URL: https://t.me/FreeMalaysiaToday
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/fmtoday
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FreeMalaysiaToday
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2020/02/02/the-problems-with-our-local-education-system/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/nation/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/nation/sabahsarawak/
Title: Borneo+

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-berita/
Title: Berita

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/tempatan/
Title: Tempatan

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/pandangan/
Title: Pandangan

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/dunia/
Title: Dunia

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/carzilla/index.html
Title: Carzilla

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-opinion/
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/opinion/column/
Title: Column

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/opinion/editorial/
Title: Editorial

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/opinion/letters/
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/fmt-worldviews/
Title: FMT Worldviews

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/world/
Title: World

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/south-east-asia/
Title: South East Asia

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-business/
Title: Business

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/business/local-business/
Title: Local Business

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/business/world-business/
Title: World Business

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/property/
Title: Property

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-sports/
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/sports/football/
Title: Football

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/sports/badminton/
Title: Badminton

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/sports/motorsports/
Title: Motorsports

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/sports/tennis/
Title: Tennis

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/simple-stories/
Title: Simple Stories

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/food/
Title: Food

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/money/
Title: Money

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/leisure/pets/
Title: Pets

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/home-ohsem/
Title: Ohsem!

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-apa-apa-aje/
Title: Apa-apa Aje

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-nak-ke-mana/
Title: Nak Ke Mana

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/inspirasi/
Title: Inspirasi

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-myhobi/
Title: MyHobi

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-glam/
Title: Glam

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-sihat/
Title: Sihat

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/bahasa/fmt-ohsem/ohsem-gaya/
Title: Gaya

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/gallery/
Title: Gallery

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/photos/
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/app-landing/
Title: The FMT App

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/advertise/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/career/
Title: We Are Hiring

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2020/02/02/the-problems-with-our-local-education-system/
Title: School Advisor

Search URL Search Domain Scan URL

URL: https://schooladvisor.my/
Title: SchoolAdvisor.my

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=freemalaysiatoday&utm_medium=referral&utm_content=thumbnails-h:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://rfvtgb.novelodge.com/worldwide/teadre-ta?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-nl-teadre-s-des-0w-kp-27011&utm_term=freemalaysiatoday&utm_bid=msViKpTnRpXthgOGdE16w9-Bab47hEfYfD6inMhDeX4=
Title: Novelodge

Search URL Search Domain Scan URL

URL: https://gain-intl-dental-implants.zone/?ref=taboola-freemalaysiatoday&sub_id=freemalaysiatoday&sub_id2=208-dental-taboola-ame&compkey=best+dental+implants+prices+{{country}}&rskey=The+Cost+of+Dental+Implants+in+Bucharest+May+Surprise+You&tblci=GiCSDMHu4KKBiPdYmpAmA1BRxLF-AX2nPaJJMsKM6fORzSCYllQokeCn97789aQ8#tblciGiCSDMHu4KKBiPdYmpAmA1BRxLF-AX2nPaJJMsKM6fORzSCYllQokeCn97789aQ8
Title: Dental Implants | Search Ads

Search URL Search Domain Scan URL

URL: https://40574c.nmptrkgqczwgnrb.com/?network=taboola&site=freemalaysiatoday&adtitle=Bucharest+%3A+Online+Jobs+in+the+USA+May+Pay+More+Than+You+Think&click_id=GiCSDMHu4KKBiPdYmpAmA1BRxLF-AX2nPaJJMsKM6fORzSD59lAovPCH3_7bv6Mx&dpco=1&subid1=10189834&subid2=freemalaysiatoday&subid3=2021-05-17+15%3A30%3A16&subid4=1019190#tblciGiCSDMHu4KKBiPdYmpAmA1BRxLF-AX2nPaJJMsKM6fORzSD59lAovPCH3_7bv6Mx
Title: Jobs Online

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2016/06/01/hudud-will-help-boost-countrys-economy/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/school/
Title: School

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/students/
Title: students

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/pisa/
Title: PISA

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/study/
Title: study

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/tag/advisor/
Title: advisor

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/sports/2020/02/02/benzema-strike-gives-real-derby-win-over-atletico/
Title: Benzema strike gives Real derby win over Atletico

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2020/02/02/get-the-hidden-hands-behind-anti-saddiq-demo-cops-told/
Title: Get the hidden hands behind anti-Saddiq demo, cops told

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/world/2021/05/17/china-bars-foreign-curriculum-ownership-in-private-schools/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/05/17/long-working-hours-are-a-killer-who-study-shows/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/16/from-playing-at-school-when-young-to-tokoh-guru-today/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/opinion/2021/05/15/100-malaysians-dead-in-3-days-its-a-covid-19-war/
Title: 100 Malaysians dead in 3 days – it’s a Covid-19 war!

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/penang-real-estate-expert-michael-geh-dies-of-covid-19/
Title: Penang real estate expert Michael Geh dies of Covid-19

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/bahasa/tempatan/2021/05/15/pelajar-maut-rakan-parah-selepas-audi-rs-dipandu-terbabas-langgar-lori/
Title: Pelajar maut, rakan parah selepas Audi RS dipandu terbabas langgar lori

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/confusion-reigns-outside-major-kl-vaccination-centre/
Title: Confusion reigns outside major KL vaccination centre

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/azmin-family-to-be-questioned-by-cops-over-alleged-sop-breach/
Title: Azmin, family to be questioned by cops over alleged SOP breach

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/05/16/malaysias-father-of-physical-education-powers-on-at-95/
Title: Malaysia’s ‘Father of physical education’ powers on at 95

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/05/15/duo-programme-malaysias-first-smart-vanilla-farm/
Title: Duo programme Malaysia’s first smart vanilla farm

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/opinion/2021/05/15/time-for-a-war-cabinet/
Title: Time for a war Cabinet

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/tamrin-wants-his-trial-of-offensive-posting-against-tmj-moved-out-of-johor/
Title: Tamrin wants his trial on offensive posting against TMJ moved out of Johor

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/4140-covid-19-cases-selangor-has-most-infections/
Title: 4,140 Covid-19 cases, Selangor has most infections

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/15/jaringan-prihatin-good-move-to-help-b40-students-keep-pace-with-studies/
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/05/13/youbelong-in-these-dream-homes-by-ecoworld/
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/bahasa/tempatan/2021/05/10/fasa-2-bpr-berpotensi-bantu-rakyat-jana-pendapatan-kata-pakar-ekonomi/
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/05/10/your-outstanding-talent-could-win-you-a-scholarship/
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/leisure/2021/04/28/5-signs-youre-absolutely-suited-to-city-living/
Title:

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/photos/2021/05/14/perniagaan-jahit-enggan-rebah-20-tahun-dan-terus-menjahit-semasa-pkp/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/category/photos/
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/photos/2021/05/08/the-timeless-beauty-of-sabahs-indigenous-arts-and-crafts/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/photos/2021/05/05/ramadan-in-the-new-normal/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/17/make-may-13-a-day-to-honour-victims-of-riot-says-academic/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/17/singaporeans-praised-after-blogger-raises-s262000-to-pay-pm-lee/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/17/mca-calls-for-cash-handouts-to-hawkers-jobless-in-selangor/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/17/selangor-ropes-in-volunteers-private-docs-to-ease-congestion/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/nation/2021/05/17/cops-probe-celebritys-family-over-hari-raya-gathering/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/sports/2021/05/17/tuchel-tells-chelsea-to-finish-the-job-in-quest-for-top-4/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/business/2021/05/17/warnermedia-discovery-to-merge-and-form-streaming-giant/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/business/2021/05/17/nornickel-pumps-out-diesel-from-arctic-tank-after-leak/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/highlight/2021/05/17/mcdonalds-malaysian-partner-denies-aiding-israel-says-its-a-muslim-company/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/about/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/disclaimers-copyright/
Title: Disclaimers / Copyright

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/privacy-policy/
Title: Privacy & Policy

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/bahasa/tempatan/2021/05/17/mayat-bayi-perempuan-dalam-beg-ditinggalkan-di-tepi-pagar/

Search URL Search Domain Scan URL

URL: https://www.freemalaysiatoday.com/category/bahasa/tempatan/2021/05/17/agong-raja-permaisuri-berkenan-tunai-solat-hajat-untuk-palestin/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://sb.scorecardresearch.com/cs/6034955/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 103

https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&c9=

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 194

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=790a73e1-a362-4100-afcb-b9a7cb2aecf9&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=790a73e1-a362-4100-afcb-b9a7cb2aecf9&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Deabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent=

Request Chain 274

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e&tbid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c&query=taboola_hm%3D11bfef14-cade-4406-a1fc-da8fb4686b0e&isDirect=0

Request Chain 275

https://u.openx.net/w/1.0/sd?id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=

Request Chain 278

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qSsT7GnQssJY&ev=1&orig=trc&pid=562107

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELSkpRJ_Tisb6p6eJ0ZTp9c&google_cver=1

Request Chain 282

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c

Request Chain 283

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef451100-c143-4de8-b52e-5d4855de76f4

Request Chain 284

https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 288

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=09971ae8-3876-40b4-b965-7dfa489f9d4d

Request Chain 289

https://id5-sync.com/s/464/9.gif?puid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=1&gdpr_consent= HTTP 302
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=21227561 HTTP 302
https://id5-sync.com/cq/464/100/6/2.gif?puid=HTWrLO0kjvQDDTnlphoOrO&gdpr=1&gdpr_consent=

Request Chain 290

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=EPuRqrSzAXyskdHeDYyiYA

Request Chain 292

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=872a4224-3784-5289-b82a-5374d888df79&ssp=taboola&expires=30&user_group=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=872a4224-3784-5289-b82a-5374d888df79&ssp=taboola&expires=30&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82500176-5d07-4e22-979b-479ef2ffa6d0

Request Chain 325

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=cad039e3-b724-11eb-9101-1586fee60306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---

Request Chain 351

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=cad3bb7b-b724-11eb-8f50-1dbc55590406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---

Request Chain 388

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 389

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 391

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

398 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.blokchaln.com.protect-user-account.com/ 199 KB
35 KB 376ms
302ms Document
text/html 185.178.208.136
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.136 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

e49e85b112effb34dcdd21d5ed973000d4acf7507d4d1c22b7f357d76180c97c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: login.blokchaln.com.protect-user-account.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1=MB8PmmdcUZvKG5o92leB; Domain=.protect-user-account.com; HttpOnly; Path=/; Expires=Tue, 17-May-2022 15:30:10 GMT PHPSESSID=89a40a183a22; path=/
date: Mon, 17 May 2021 15:30:10 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 35322
content-type: text/html; charset=UTF-8

GET
H2 200 mu-style.css
www.freemalaysiatoday.com/wp-content/plugins/sharethis-share-buttons/css/ 0
91 B 102ms
75ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=4.9.8
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 716736
cf-polished: origSize=26
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a1c8c042b0000c2b3148e3000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: "60229070-1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 17 Jun 2021 15:30:11 GMT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 650de2b37b58c2b3-FRA
cf-bgj: minify

GET
H2 200 style.css
www.freemalaysiatoday.com/wp-content/plugins/td-composer/td-multi-purpose/ 67 KB
9 KB 66ms
39ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5fc38ebe4cd95f4806919cfdc5720f1545bc6c8b40900cdd3ab66e053d4be3

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 716736
cf-polished: origSize=69368
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c042b0000c2b318802000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-10ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 650de2b37b59c2b3-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed575d7b4af685ce5b0b384864d3111107352560fd33c0d1b88b54f9d11ba4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 15:18:03 GMT
server: ESF
date: Mon, 17 May 2021 15:30:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 15:30:11 GMT

GET
H2 200 style.css
www.freemalaysiatoday.com/wp-content/themes/Newspaper/ 110 KB
19 KB 66ms
40ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/themes/Newspaper/style.css?ver=9.8
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f5b5eed5dff03e34dafdccd285eb976e16ecea22a6cf2e65b610c516894254

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 716736
cf-polished: origSize=156210
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c042b0000c2b35809d000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-26232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 650de2b37b5bc2b3-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 200 td_legacy_main.css
www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 795 KB
73 KB 85ms
59ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3081fbd6b5e458edde502df8d6fc235c5e9bd517fc161880f803e6dd5a9ba9

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 716736
cf-polished: origSize=1010737
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c042c0000c2b360bb3000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-f6c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 650de2b37b5cc2b3-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 200 column-carousel.css
www.freemalaysiatoday.com/wp-content/uploads/css/ 10 KB
2 KB 75ms
50ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/uploads/css/column-carousel.css
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c015749144df914db71d20cf197ec7a24483683b522c1e58d840b75240b61b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 716735
cf-polished: origSize=12836
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c042c0000c2b35e236000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-3224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 650de2b37b5dc2b3-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 404 api.js
login.blokchaln.com.protect-user-account.com/cdn-cgi/bm/cv/669835187/ 0
0 350ms
349ms Script
text/html 185.178.208.136
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://login.blokchaln.com.protect-user-account.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.136 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: __ddg1=MB8PmmdcUZvKG5o92leB; PHPSESSID=89a40a183a22
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.blokchaln.com.protect-user-account.com
referer: https://login.blokchaln.com.protect-user-account.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
server: ddos-guard
age: 0
date: Mon, 17 May 2021 15:30:11 GMT
content-length: 307
content-type: text/html; charset=iso-8859-1

GET
H2 200 DEKSTOP-272X90.png
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 27 KB
27 KB 37ms
27ms Image
image/png 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/DEKSTOP-272X90.png
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7030ad77d83160d1ea7acf6f38415f54c13e2b7068da847807383ecfce0f0be3

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 526323
cf-polished: origSize=44962
cf-ray: 650de2b39b8dc2b3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27260
x-amz-id-2: PRkcGF52CFznAwR7PyUgBHfXt6bawLCOhOipry07H3FQKMa0zASIDJswv7JKin0RUUWW9Jtn/CQ=
last-modified: Tue, 11 May 2021 12:58:23 GMT
server: cloudflare
etag: "72a15bdfec85b0de0ed4ace69b0c0c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: EAVDH4JE9WXFP3TW
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043c0000c2b366ac8000000001
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:85,h2pri

GET
H2 200 mobile-140x48px-new-logo-2021-1.png
s3media.freemalaysiatoday.com/wp-content/uploads/2021/02/ 3 KB
3 KB 44ms
34ms Image
image/png 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/02/mobile-140x48px-new-logo-2021-1.png
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742f075219bcc287114c2524e97111f1f8ee80fb58b3dcd3cf0fcd6cf15855a6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 716966
cf-polished: origSize=5666
cf-ray: 650de2b39b82c2b3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2886
x-amz-id-2: DDdwKrnLhU5AwFQFoXiNEeau7oW9mxszIFZS7nTOo0FwOfsM5TBLbax+tK0OUcg5pnNdyG+ak7Q=
last-modified: Tue, 16 Feb 2021 01:58:49 GMT
server: cloudflare
etag: "281e72bbb4ac105c10125e0696bc55e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y00F7ZAK7AVC8HKM
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043b0000c2b3541c5000000001
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:85,h2pri

GET
H2 200 FMT-pelajar-sekolah-cina-15.01.2019-7.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2019/01/ 134 KB
134 KB 1447ms
1438ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2019/01/FMT-pelajar-sekolah-cina-15.01.2019-7.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792641a8c7f6cc23be41ea7b8977260961c0ae9c4ea4f744df0a2019720c1af8

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:12 GMT
cf-cache-status: MISS
x-amz-request-id: N7K7WETVE0259C03
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136716
x-amz-id-2: vF1ZhYPV+FcGzz0CgjQQg8ir1IO8RoHRlYdGN0+ne1xTlrpKUz4utby2Qj1Vf7PoPFU5BIffA4Q=
last-modified: Tue, 15 Jan 2019 05:01:31 GMT
server: cloudflare
etag: "9ae892469851cf14cdd26b2ee2fd1898"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043b0000c2b3692af000000001
accept-ranges: bytes
cf-ray: 650de2b39b85c2b3-FRA
expires: Tue, 17 May 2022 15:30:11 GMT

GET
H2 200 Lifestyle-010220.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2020/02/ 55 KB
56 KB 1135ms
1126ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2020/02/Lifestyle-010220.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d991550839b9f9a51020e55179a9b65c54eeb315536ff71df338dae4f7531286

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:12 GMT
cf-cache-status: MISS
x-amz-request-id: N7K2QTV301HZXRKF
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56725
x-amz-id-2: l0uZGOFOPMykbd+AGyS4LQ1Io2iOOAtnNe0arCNFJDztIFDeSJSUrpjW5Bb5UKmWIndrEHTmZfw=
last-modified: Sat, 01 Feb 2020 05:59:45 GMT
server: cloudflare
etag: "86a4dad9479d69f4f896f2abad141a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043c0000c2b3f4b32000000001
accept-ranges: bytes
cf-ray: 650de2b39b8bc2b3-FRA
expires: Tue, 17 May 2022 15:30:11 GMT

GET
H2 200 FMT-pelajar-sekolah-rendah-pelajar-sekolah-menengah-students-school-students-34.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2019/04/ 137 KB
138 KB 1109ms
1100ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2019/04/FMT-pelajar-sekolah-rendah-pelajar-sekolah-menengah-students-school-students-34.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2800016a2e6056b1555b6de689a06bf8928f9392322ed3cb33134628483f0d39

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:12 GMT
cf-cache-status: MISS
x-amz-request-id: N7KEF03EK2R8687W
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140643
x-amz-id-2: pQq7Mpd8ZXfQyuRbyG9wD/67Qrp2FT5FLUHHWpf4HcQqNpoitipup3r5jVKQMbFP6anWZqGM5wI=
last-modified: Mon, 08 Apr 2019 08:19:27 GMT
server: cloudflare
etag: "2a657b5d5a63fc77686edf0ad023a487"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043c0000c2b3301df000000001
accept-ranges: bytes
cf-ray: 650de2b39b87c2b3-FRA
expires: Tue, 17 May 2022 15:30:11 GMT

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 126ms
41ms Stylesheet
text/css 13.224.103.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-170.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 13:54:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 5765
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: oNQ71mKM0jGeGeqDpuevqT0zKYD5BNvm7iJpNf4GSOFtSnXz6ZS4bQ==

GET
H2 200 000_1R09GY-218x150.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2020/05/ 11 KB
12 KB 44ms
35ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2020/05/000_1R09GY-218x150.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 420f6e4c5921ea30ebed955b1c62f3e09aed67882b93bbcf524cbcb02a615969

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 42318
cf-polished: degrade=85, origSize=13062
cf-ray: 650de2b39b8fc2b3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11743
x-amz-id-2: JPzoEmQhVjHxrSCtF/SCYQig4jLm/f60bAB9SnwjCyI84JGfLS0+wyuxXpgtgetc/lVBS9s0hKE=
last-modified: Wed, 06 May 2020 09:13:38 GMT
server: cloudflare
etag: "07929c476e96aecb59b96695b8385a82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 39KWNVCK0T083TX7
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c043c0000c2b3e6a53000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 laptop-working-pixabay170521-218x150.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 7 KB
8 KB 119ms
96ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/laptop-working-pixabay170521-218x150.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a4beb7bb195c6489bf9f6c1ff27c38942f9258ec62f1bfe0a97ffb74de3f96

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 49690
cf-polished: degrade=85, origSize=8066
cf-ray: 650de2b3ebc22b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7409
x-amz-id-2: Cui/JMe27v0oKYZVziiLzQlY0XKzT0gWkGwIQqlqni4EywVU4F8LfcZ0dfP4DKUV8Q5qu0W9FvM=
last-modified: Mon, 17 May 2021 01:32:23 GMT
server: cloudflare
etag: "4f9863456308dbc6570a5eb5cdabbd38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: WW43DMRT5SJXRW31
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047700002b1275a32000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Noorizan-Mohamed-Tokoh-guru-Bernama-218x150.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 10 KB
11 KB 121ms
95ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Noorizan-Mohamed-Tokoh-guru-Bernama-218x150.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3093a4caa25301061ab783ed6f085af6d55f21efcba70c536814bd99c841ca46

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 100621
cf-polished: degrade=85, origSize=11822
cf-ray: 650de2b3fbc42b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10712
x-amz-id-2: eXS6GEjHf/6/Be4V5lS2ZXojrrhkqU73TrsIG177ZazjMCegFHU2KiRSYQuWUIc1/9xC97nrEBE=
last-modified: Sun, 16 May 2021 11:26:45 GMT
server: cloudflare
etag: "8e6b89e9545e0138efe7081a3bdeef08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: GJH03PJ1P28NMHA6
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047700002b12dfad3000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Muhyiddin-Yassin-launching-Jaringan-Prihatin-bernama.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 85 KB
86 KB 46ms
23ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Muhyiddin-Yassin-launching-Jaringan-Prihatin-bernama.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c959ce6d5c94037c54d31e9e9a383bb379e9984ffd91c874db0a0272b053c52f

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 229425
cf-polished: degrade=85, origSize=401463
cf-ray: 650de2b3ebc12b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87450
x-amz-id-2: w7iTpJX7rWwgSrDanjDqrLkibogPxKEsKyiK4Rll16MbmDHIgoeyU8IOaMWceNJ/2HswuuaS1Mc=
last-modified: Fri, 14 May 2021 05:19:22 GMT
server: cloudflare
etag: "9ea2681a9b42bf6db7b8b08e5e55c2a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 940DSHKX6RTT8MQY
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047600002b12bc0a0000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Cover-Image-collage.png
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 515 KB
516 KB 55ms
32ms Image
image/png 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Cover-Image-collage.png
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227fd670e5f17d730c70e9ac469f9a125cf848b2bca79a47b2a425b15366be72

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 403098
cf-polished: origSize=614101
cf-ray: 650de2b3ebc02b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 527269
x-amz-id-2: zDZX41X9GuNqMkVxVc7TLlA52aqjO2iIzqAtBc4FwokjeBmj9VcxLNcErvviHsWAxVZZQQoD9bU=
last-modified: Wed, 12 May 2021 09:47:35 GMT
server: cloudflare
etag: "9537f0652accb209861ec3d728bd14ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: M5A43KTS9TY20YE6
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047600002b126b3a5000000001
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Covid-Public-mask-fmt.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 98 KB
99 KB 40ms
17ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Covid-Public-mask-fmt.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2779c2ff3dc9dfbc282392aa3cb5212f6ad6912ee862441d7183da37e5829ef6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 646467
cf-polished: degrade=85, origSize=243668
cf-ray: 650de2b3ebb92b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100468
x-amz-id-2: kKCQQnDN6ZW8l3Di197KyP3z52sjyVls+VdcmzzeFikO5u4mv089ebbz/kg2GgcS5ECYk+/RsjE=
last-modified: Mon, 10 May 2021 02:14:42 GMT
server: cloudflare
etag: "8b5407d57f2a62f9252a0dc19f6bafd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A5WJ3KD7GY07DBD6
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047600002b1272bcf000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 lifestyle-graduation-emel-pic-070521.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 119 KB
120 KB 72ms
49ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/lifestyle-graduation-emel-pic-070521.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac0b0bb2c86cccb5ec4560e980cc8fe31fb0479eddcaca23c07eb5421b1295f

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 662126
cf-polished: degrade=85, origSize=476337
cf-ray: 650de2b3ebb62b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121995
x-amz-id-2: k4dYvUNFmhzZBWW0f7UYq33xyWWGtUdzIxF0FFxwuQQUDTe2+2rm1VyWUOpqyfpNpIU7UlAs1D8=
last-modified: Fri, 07 May 2021 04:20:04 GMT
server: cloudflare
etag: "ebf6932065200e83c669bc928c2c0305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6GW4EFQR4S8KY409
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047500002b126ea5b000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 towers-11.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/04/ 67 KB
68 KB 84ms
61ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/04/towers-11.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf42d844c65d7fbd123d4692aab6b72cfdb5ce2d4a820ba7e9e6ebbd18118f3d

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 717065
cf-polished: degrade=85, origSize=206040
cf-ray: 650de2b3ebbd2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69085
x-amz-id-2: Gq7DM+6P9qUghFjCrB1GDfA2lAb0mxqfmRHFl0iFxFy7NtSJSXFlA0QdqTKjQKArzyhz9W4ZGjU=
last-modified: Tue, 27 Apr 2021 06:43:23 GMT
server: cloudflare
etag: "a846e5f553689173262143006b565a79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: M2RSF7F2VX73E52H
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047600002b12e3352000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Tajuddin-Mohd-Rasdi-live-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 2 KB
3 KB 125ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Tajuddin-Mohd-Rasdi-live-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3557494ae96e779cde86ac3d71e253e281536b25322f76de94a6a3b14c36b74b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 115
cf-polished: degrade=85, origSize=2893
cf-ray: 650de2b3fbd92b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2419
x-amz-id-2: ZHn0a3oQK8QKTT6tWS3hvYiygSyBPpZZlbSQC/0oKMOmE3fiX3qrBSG7srjo94jrcjaMd+sQV84=
last-modified: Mon, 17 May 2021 15:23:10 GMT
server: cloudflare
etag: "7b552c64512f790fe01607ea7fdb2549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: RAVA8PQ50HNYXDQ5
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047900002b12ab9a4000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Lim-Tean-lawyerr-fb-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 2 KB
3 KB 124ms
98ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Lim-Tean-lawyerr-fb-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d046bd136afc33dba78a850ec7861aae3adc1d28b525efd5cef30d31c98433

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 863
cf-polished: degrade=85, origSize=2888
cf-ray: 650de2b3fbdb2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2337
x-amz-id-2: Jt/Akod/5WJUneRDl6h4ZAxRcASIeL+1jvu2bKlqQGm8PjMpfy7Hhh12t8KQ5x3W1axN6V1XlIM=
last-modified: Mon, 17 May 2021 15:07:12 GMT
server: cloudflare
etag: "a14feb6539727ce87f1821e58c7e2083"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZCF1V0HRDEAY052H
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047a00002b1291071000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Lau-Chin-Kok-MCA-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 2 KB
3 KB 124ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Lau-Chin-Kok-MCA-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd2978a5170ef82d56d00d9d44b5a43b0985f196c056d66c2518ae1174bf4fd

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 6956
cf-polished: degrade=85, origSize=2753
cf-ray: 650de2b3fbdd2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2303
x-amz-id-2: x6CRqHKB6Y40Wf6NtfjufsLpwGm9NJpaZjNFnbCCOoA+oNFsqINCm6JaiU7B+qn4o3Sp3p+0HoU=
last-modified: Mon, 17 May 2021 13:26:38 GMT
server: cloudflare
etag: "eb2ac1bf670a86fd44663b63e9982a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A2S5KXGG3050SYMM
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047b00002b1287938000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 stadium-malawati-vaksin-bernama-2-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 4 KB
4 KB 125ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/stadium-malawati-vaksin-bernama-2-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e0a4228cb950a517cfdbb3f596c38416c799b3737629f12fdc9449717aadd8

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 7738
cf-polished: degrade=85, origSize=4426
cf-ray: 650de2b3fbde2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3702
x-amz-id-2: FewdeEKTvlLTLrRy8Xj9PA+UKLnMvMSQC+bUr9pmkMvDDahc2BjjAac6o/boDKDQkuj8tdjMpV4=
last-modified: Mon, 17 May 2021 13:13:42 GMT
server: cloudflare
etag: "c0d80f2bfd62b6746761016cdaf68ec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 80JX5ANMKZ2FMQN1
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047b00002b1281999000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 mohamad-farouk-eshak-bernama-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
3 KB 125ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/mohamad-farouk-eshak-bernama-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 736b2cf9370a74c388621d1417d0460ab547f467b96d0c53ac9c1d9af7cdb6fd

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 11052
cf-polished: degrade=85, origSize=3053
cf-ray: 650de2b3fbdf2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2571
x-amz-id-2: UldBvL6a0NlBddU486enmqHnjHanIOuAYjmjBIGru4/CtMIosxBapkyiiLig7/fB1lAnhkd3Bhk=
last-modified: Mon, 17 May 2021 12:11:23 GMT
server: cloudflare
etag: "af54814409996d1e15025e30da3e02b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Q14964NWZPDQCSES
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047b00002b129a20a000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Tuchel-170521-AP-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
4 KB 126ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Tuchel-170521-AP-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274cc9afff56763fe535afc4e6fe03176f5450e21b1c746fda76d8d5b1ddaf6f

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 863
cf-polished: degrade=85, origSize=4049
cf-ray: 650de2b3fbe12b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3514
x-amz-id-2: J7SNcvgK4mvL3r8BlQxMbLJxT4xOxuhCtAROo+mGda+WTheryrigDpjNb9SG7GsJSUPMXsmGKmc=
last-modified: Mon, 17 May 2021 14:58:32 GMT
server: cloudflare
etag: "dd47c5efc3185d2c16d3dce2a8a81a97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZCF73QBSC6GSX44A
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047b00002b12c21ce000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Batman-and-Kim-Kardashian_afp-lifestyle-19062020-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2020/06/ 3 KB
4 KB 131ms
103ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2020/06/Batman-and-Kim-Kardashian_afp-lifestyle-19062020-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294764641ec9a12ef2628971e93131a899de4e2161dce6b580bdefcf61c5491b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 3763
cf-polished: degrade=85, origSize=3856
cf-ray: 650de2b3fbe22b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3223
x-amz-id-2: PoF8gJoHnIZ7IRQXDTCmy0akfoCFDGhcpcUJtKL8u4ahinINkHdnKDveQ9cAnKHvUXiJbRKiVjI=
last-modified: Fri, 19 Jun 2020 03:09:52 GMT
server: cloudflare
etag: "0a384790ab053f8f5694ef5378904b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BSGS9WEVFWZ5HFPN
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047c00002b12d8873000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 russia-oil-spill-cleanup-AP070620-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2020/06/ 2 KB
2 KB 131ms
103ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2020/06/russia-oil-spill-cleanup-AP070620-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7e34f504846de6ae6931a551beb8695ec9dc032989ce4f9a371644c0d5352a

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 6956
cf-polished: degrade=85, origSize=2292
cf-ray: 650de2b3fbe52b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1828
x-amz-id-2: SZEcfk91EkOw3Fd6msGAhAOLMjVfzZqOrlIKQHYrS6FHIr/fQQIi0xEUE15VDpdgnyEb4q1jmsY=
last-modified: Sat, 06 Jun 2020 22:16:03 GMT
server: cloudflare
etag: "7c1105e57b78a789280124462e203f0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A2S82HZNTZZSJ9J1
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047c00002b12a91b1000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 FMT-MCDONALDS-210519-21-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2019/05/ 3 KB
3 KB 119ms
95ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2019/05/FMT-MCDONALDS-210519-21-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e478af26d292656393aacd8774b4474bd33a71e3758c81bbe3edebb49ede388c

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 12223
cf-polished: degrade=85, origSize=3490
cf-ray: 650de2b3fbc62b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2950
x-amz-id-2: trAk8FJJqNJytW1l862Z6FvByqO1vHzxMnArzRYPNW3lfcneBDkdqNXAXDmkLwDD1jLqjQjgaLM=
last-modified: Wed, 13 Jan 2021 07:10:36 GMT
server: cloudflare
etag: "52bd7e09baf604553e3e1807d750ca91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BJ9DKG6KNFXD5ZEK
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047700002b128badf000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Hospital-Covid19-Fb-Noor-Hisham-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
3 KB 120ms
95ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Hospital-Covid19-Fb-Noor-Hisham-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e801bde8ed3cf27930e000c21ebc76ad916e839d5ac922116d20c38b2f36eaec

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 203039
cf-polished: degrade=85, origSize=3157
cf-ray: 650de2b3fbc82b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2618
x-amz-id-2: O792R6xMuT/n71x6SuiopJ72fpsN2dMa/jeTo2xgGgKiT+1ow+UQVU7pZ5KiSGq1OoTdgATXgM4=
last-modified: Tue, 11 May 2021 08:36:01 GMT
server: cloudflare
etag: "c3487a25a24e2b36faa1b6a8721ccb41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y7J688RC2J3R9FJK
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047700002b12cf8e9000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Michael-Geh-emel-pic-150521-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
4 KB 122ms
97ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Michael-Geh-emel-pic-150521-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7148017a9d12a6eb01bb644e4426af2d7fc30d26a187e9b23b4209cb4bc96b6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 187748
cf-polished: degrade=85, origSize=3992
cf-ray: 650de2b3fbcc2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3373
x-amz-id-2: 9Ng9fd525opHrOwbJcQcIAOUh8/KA72wdS6Czr+Pnts1jzaUYWywIgS/wkIekRGfzY8BfrFvF1s=
last-modified: Sat, 15 May 2021 11:19:44 GMT
server: cloudflare
etag: "ebfd30f94b6bbc73dc919f4d75c0ee50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: YYB4243H43T1ADH0
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047900002b12cab56000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Audi-R7-Putus-2-emel-pic-bomba-150521-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 2 KB
3 KB 122ms
98ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Audi-R7-Putus-2-emel-pic-bomba-150521-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e52e5d85b65d574e86d7f744fe4a7642d9e245a6098ca2bc6e41c25affc78a

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 171557
cf-polished: degrade=85, origSize=3091
cf-ray: 650de2b3fbce2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2548
x-amz-id-2: 3PwscENPWACjQFmihdz21StAtlKZ8dWQvCao2KvGoLOpltnpJUJZDtRQuuAFXrPm5o8zKi4vUQ8=
last-modified: Sat, 15 May 2021 15:47:33 GMT
server: cloudflare
etag: "c00061cbb30fa083c50a897f2bcfa35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 68FQBB19KM89JQTQ
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047800002b127b2f2000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Taman-Sri-Rampai-bayi-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
3 KB 123ms
98ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Taman-Sri-Rampai-bayi-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e581943d6679297871ff8cf3a21e400d90be941a424b208b031534f7418e59

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 114
cf-polished: degrade=85, origSize=3353
cf-ray: 650de2b3fbd22b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2797
x-amz-id-2: j4lhOn2SThodrw/V3M1YZLahJNCTBzASDehnD/9ckS7NPkN1Tsfm9rm4prBe9VhLNTs34sFYT2g=
last-modified: Mon, 17 May 2021 15:27:25 GMT
server: cloudflare
etag: "036db3a89a8f418888c0d06879c16d94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 66GG5BCJ0KDE7FCR
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047900002b12e228d000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Agong-Solat-Hajat-Bernama-100x70.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 3 KB
4 KB 586ms
561ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Agong-Solat-Hajat-Bernama-100x70.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 606cb7f4969ded9a1615fca4c0db0847223820d6295527932c1b802170bbe778

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: MISS
x-amz-request-id: N7K0BTWB3TW92EMR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3258
x-amz-id-2: 9AIEXc0T2YjcXSQtc3r2o416Uwe8hC+xN4z5+hRNARF0ZdqcsZEYXV5Y9QtE1i2DMepveUpfFqo=
last-modified: Mon, 17 May 2021 15:23:39 GMT
server: cloudflare
etag: "2e319b47d474a56b36d9fa8f9bc0df49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c047900002b12b43ff000000001
accept-ranges: bytes
cf-ray: 650de2b3fbd82b12-FRA
expires: Tue, 17 May 2022 15:30:11 GMT

GET
H2 200 uikit4.css
www.freemalaysiatoday.com/wp-content/uploads/css/ 346 KB
37 KB 46ms
46ms Stylesheet
text/css 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/uploads/css/uikit4.css
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b113e28b52c7741ba36a1723e2063562e018168670f5daa7a5edcf6abf1195b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 716735
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c044d0000c2b315bb0000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-568aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 650de2b3abbbc2b3-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 38ms
12ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a1c8c046600001f2174abd000000001
last-modified: Tue, 11 May 2021 15:38:57 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609aa511-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=URN7hjlK2yVzAuYX6z8SP185ISf8UnFWRkg95QCNG7mIJ1kkWsX5EblGY42MjJjDqxXjru2q0vFmPj%2F9fkNWcwcPV8k0oNGX%2B8Etj9y84VOQSfJ8WLO0nF22AsQm6p5O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 650de2b3dc071f21-FRA
expires: Wed, 19 May 2021 15:30:11 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET newspaper.woff
www.freemalaysiatoday.com/wp-content/themes/Newspaper/images/icons/ 0
0

GET newspaper-icons.woff
www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 0
0

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 105993
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 573480
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 11 May 2022 00:12:11 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 567574
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 11 May 2022 01:50:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 499773
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 11 May 2022 20:40:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 395199
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 13 May 2022 01:43:32 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:44:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:37 GMT
server: sffe
age: 344769
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13780
x-xss-protection: 0
expires: Fri, 13 May 2022 15:44:02 GMT

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:35:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 345280
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
expires: Fri, 13 May 2022 15:35:31 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 345282
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 13 May 2022 15:35:29 GMT

GET
H3-29 200 01-324x400.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 35 KB
36 KB 30ms
30ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/01-324x400.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 144643677fa783c4ef28117ea544772e95d17b80d39d44a12455908ffa0dc349

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 306375
cf-polished: degrade=85, origSize=38977
cf-ray: 650de2b6fbfa2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35926
x-amz-id-2: 1FYF6CDkJl4pFAzsfxBqV0LtWAJWUiByqT6NIsgs+fC0otXUzXU5cqhpLxJHPSIIVimanFlDYZo=
last-modified: Thu, 13 May 2021 08:50:16 GMT
server: cloudflare
etag: "31263cf8d792e0a8e3b89c7ace544ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: D02R3RT99WXJDAZS
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c065c00002b12673f6000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 Thumbnail-324x400.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 35 KB
35 KB 26ms
26ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/Thumbnail-324x400.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8aadad367880ae5621d111873c6636394c4f1dc2d1e81617dc48f7dcd6916c

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 717065
cf-polished: degrade=85, origSize=36480
cf-ray: 650de2b6fc002b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35628
x-amz-id-2: lhkOVmfBOoJWtTYAaCA2eg4zhuE+QG/jY8RvONeOUUBEYhKyiTh5xc0voN3AeSH2apIiTZ+6xmY=
last-modified: Fri, 07 May 2021 07:41:18 GMT
server: cloudflare
etag: "6693b2e3e4582b403a1a3fc46cd33f66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: M2RWRGN5ABTEMYZZ
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c065c00002b12b6b5f000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 9-324x400.jpg
s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/ 45 KB
45 KB 19ms
19ms Image
image/jpeg 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3media.freemalaysiatoday.com/wp-content/uploads/2021/05/9-324x400.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a27a440004f20ee36f34f1b8df91b7def4bd4f38b6dfc035386eebfd46128426

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
cf-cache-status: HIT
age: 717065
cf-polished: degrade=85, origSize=47808
cf-ray: 650de2b6fc022b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45746
x-amz-id-2: CVzgJk6rxWxgUJECeM+HDxWbfZgRlc6e7wbUdF/8mGYXEcgAJ9sJ/6+KGa63OFydCs0hHdO5H1E=
last-modified: Wed, 05 May 2021 05:01:54 GMT
server: cloudflare
etag: "bcbf36d27ecc48b758b62aa671508e76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: M2RZ9TZB07PWWYMX
expires: Tue, 17 May 2022 15:30:11 GMT
cache-control: public, max-age=31536000
cf-request-id: 0a1c8c065d00002b129a232000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 23:23:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:50 GMT
server: sffe
age: 576380
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
expires: Tue, 10 May 2022 23:23:51 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 394028
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13852
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:03 GMT

GET
H3-29 200 uikit.js Show response
www.freemalaysiatoday.com/wp-content/uploads/js/ 185 KB
48 KB 35ms
34ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/uploads/js/uikit.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4ad6bcb62f6dbd4bdf61347d9e6b7e1576a470a6844049b7aab0e4a4ea76dd

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 717065
cf-polished: origSize=337122
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b700002b126a24f000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-524e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78dac2b12-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H3-29 200 ajax-forms.min.js Show response
www.freemalaysiatoday.com/wp-content/plugins/mc4wp-premium/ajax-forms/assets/js/ 5 KB
2 KB 28ms
27ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/mc4wp-premium/ajax-forms/assets/js/ajax-forms.min.js?ver=4.6.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f52d668ce099105b8ef434b6bf9e877fb2e050e97ad1ad1ce99622af6ab3c59

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717065
etag: W/"60229070-14f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78dad2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b800002b12e338e000000001
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H3-29 200 forms-api.min.js Show response
www.freemalaysiatoday.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 10 KB
4 KB 39ms
37ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.6.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12438c0ba99111a720881c2f9c37975329b4cc457122a39229efee127b250ff5

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717065
etag: W/"60229070-2825"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78db22b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b800002b127813a000000001
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H3-29 200 wp-embed.min.js Show response
www.freemalaysiatoday.com/wp-includes/js/ 1 KB
990 B 22ms
21ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717064
etag: W/"60229070-576"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2b78db42b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b800002b126eaa4000000001
expires: Wed, 16 Jun 2021 15:30:11 GMT

GET
H3-29 200 comment-reply.min.js Show response
www.freemalaysiatoday.com/wp-includes/js/ 1 KB
842 B 33ms
32ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-includes/js/comment-reply.min.js?ver=4.9.8
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717064
etag: W/"60229070-436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2b78db72b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b900002b12ad8fc000000001
expires: Wed, 16 Jun 2021 15:30:11 GMT

GET
H3-29 200 tagdiv_theme.min.js Show response
www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 223 KB
49 KB 28ms
26ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.8
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717065
etag: W/"60229070-37bf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78dba2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b900002b12e22d0000000001
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H3-29 200 custom.js Show response
www.freemalaysiatoday.com/wp-content/uploads/js/ 7 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/uploads/js/custom.js?v=2.0.15
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077432caac84d8de33774c45eba0e04cbbf27926ec33e3cf478b60fef30dd1ef

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 717065
cf-polished: origSize=9894
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06b900002b128797a000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-26a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78dbd2b12-FRA
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H3-29 200 bootstrap.min.js Show response
www.freemalaysiatoday.com/wp-content/uploads/js/ 27 KB
7 KB 24ms
23ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-content/uploads/js/bootstrap.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717065
etag: W/"60229070-6c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 650de2b78dbe2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06ba00002b128bb1c000000001
expires: Thu, 17 Jun 2021 15:30:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf63af61eae56517944f32094187ba6082c7d29cfaac60064142769f57af1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 883 of 1000 / last-modified: 1621249903"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:11 GMT

GET
H3-29 200 firebase-config.js Show response
www.freemalaysiatoday.com/ 10 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/firebase-config.js?v=1.0.3
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cfee915ca3b52bd2712d8c5b6cc37562f984f0eb1bf713cfa55c07b4ad831ce

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 717064
cf-polished: origSize=14892
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06ba00002b126b3d9000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-3a2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2b78dc02b12-FRA
expires: Wed, 16 Jun 2021 15:30:11 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.0.4/ 32 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.0.4/firebase-messaging.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 16:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 May 2019 01:01:06 GMT
server: sffe
age: 340835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8748
x-xss-protection: 0
expires: Fri, 13 May 2022 16:49:36 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.0.4/ 11 KB
4 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.0.4/firebase-app.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b98f1b0515843ffc311314fba77e1475347d89981a1d966ebdc2db7c99a7515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 08:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 May 2019 01:01:04 GMT
server: sffe
age: 371899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3865
x-xss-protection: 0
expires: Fri, 13 May 2022 08:11:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-13201505-2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50f37df3a911f69fa5db61519e6becbdfc7a90602cead41bda596cf063539393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35637
x-xss-protection: 0
last-modified: Mon, 17 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 15:30:11 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
www.freemalaysiatoday.com/wp-includes/js/jquery/ 10 KB
4 KB 30ms
28ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 717064
etag: W/"60229070-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2b78dc22b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06bb00002b1267be5000000001
expires: Wed, 16 Jun 2021 15:30:11 GMT

GET
H3-29 200 jquery.js Show response
www.freemalaysiatoday.com/wp-includes/js/jquery/ 95 KB
32 KB 38ms
36ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 717064
cf-polished: origSize=97184
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c06bb00002b126a250000000001
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
etag: W/"60229070-17ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2b78dc72b12-FRA
expires: Wed, 16 Jun 2021 15:30:11 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 53ms
20ms Script
text/javascript 2600:9000:2190:800:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:22:22 GMT
content-encoding: gzip
age: 469
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: wifgxT_Go9GubF0VZcL_WbWIBkS5TTKCRVDQMMnLFo4jhYWLstrsYA==

GET newspaper-icons.ttf
www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 0
0

GET newspaper.ttf
www.freemalaysiatoday.com/wp-content/themes/Newspaper/images/icons/ 0
0

GET
H3-29 200 wp-emoji-release.min.js Show response
www.freemalaysiatoday.com/wp-includes/js/ 12 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700::6812:5a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freemalaysiatoday.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 13:38:56 GMT
server: cloudflare
age: 716734
etag: W/"60229070-2efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 650de2c3ae3b2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1c8c0e4b00002b12dfbe7000000001
expires: Wed, 16 Jun 2021 15:30:13 GMT

GET
H2 200 5fdaff3a934c8b0012486991.js Show response
buttons-config.sharethis.com/js/ 447 B
822 B 64ms
31ms Script
text/javascript 2600:9000:2190:9400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5fdaff3a934c8b0012486991.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a08106c0e8f35b6d783a7e80d3c8f3302cb63b35f75d51027984065e6bc87eca

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 15:30:13 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
last-modified: Sun, 20 Dec 2020 02:01:53 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "25935af6a97dbe07141a015103cbebb0"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 447
x-amz-cf-id: 1JmmcrUzVDuSjJLF1S3CAl38WL-HpSJ_tnfFErP_SbPVuqzD3yrzNA==

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 044C 2 KB
1 KB 31ms
9ms Document
text/html 2600:9000:2156:3000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Mon, 17 May 2021 15:25:19 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nZhxnjDIr8aAtT6FxLGmEtbnvb5fR6DHFtr2UCuGf0MRMwS5x2uxGg==
age: 294

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-13201505-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 17
date: Mon, 17 May 2021 15:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 17:29:56 GMT

GET
H2 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 114ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:14 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1410385400&t=pageview&_s=1&dl=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&ul=en-us&de=UTF-8&dt=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1727731526&gjid=2017565076&cid=926956833.1621265414&tid=UA-13201505-2&_gid=527484589.1621265414&_r=1&gtm=2ou5c1&z=1411933253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6034955/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

32ms
31ms

Script
application/javascript

99.86.2.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-96.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:16:16 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 839
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: fgtZZ-1YB11GT-y6k5c6lR_ROm5rFGcIcA28Eqwhzv31U0p-X5uJuA==

Redirect headers

date: Mon, 17 May 2021 15:30:14 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: kh1X5fBtk_LwOfaeRItWezcKqey75GmaccILeL5H2zEXMQgQRPCM-g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
108 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-13201505-2&cid=926956833.1621265414&jid=1727731526&gjid=2017565076&_gid=527484589.1621265414&_u=YEBAAUAAAAAAAC~&z=1283181221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 15:30:14 GMT
content-type: text/plain
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
366 B 150ms
33ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=login.blokchaln.com.protect-user-account.com&location=%2F&product=inline-share-buttons-wp&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&cms=unknown&publisher=5fdaff3a934c8b0012486991&sop=true&bsamesite=true&consent_cookie_duration=305&consent_duration=305&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=This%20article%20takes%20a%20look%20at%20why%20Malaysia%27s%20education%20system%20is%20doing%20a%20disservice%20to%20the%20country%27s%20children.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:14 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://login.blokchaln.com.protect-user-account.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-13201505-2&cid=926956833.1621265414&jid=1727731526&_u=YEBAAUAAAAAAAC~&z=1710950051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-13201505-2&cid=926956833.1621265414&jid=1727731526&_u=YEBAAUAAAAAAAC~&z=1710950051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=login.blokchaln.com.protect-user-account.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=login.blokchaln.com.protect-user-account.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 1796ms
1756ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Home_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414354&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=193&adks=3204544077&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc8f861ea18038dcdd37278c151005815d0c7643f7c6756a57bd61b9a878d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12170
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 58ms
13ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 947ms
909ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Home_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414369&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2634242339&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=0x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9fa9a468b353d73acb7e1465c2e778c10f0e01e1460dd8a33a81b04f2767fd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
google-lineitem-id: 5651853108
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346556216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 720ms
683ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Home_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414375&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1342397903&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=0x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1072d999f07e32def8fc4e0633a79bb0171c43579f429b5098b59855f441bda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13380
x-xss-protection: 0
google-lineitem-id: 5690101372
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349241547
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 2009ms
1972ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Mobile_Home_Leaderboard_320x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C300x100&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414390&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3036970532&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x0&msz=0x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5e30226e5f7510a0ca166fcc9752a30cb5d0a088cc38d0e4ad3bf1071509b533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
google-lineitem-id: 5654246280
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344977720
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 726ms
692ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414396&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=266&adys=1221&adks=3045597540&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x1&msz=1x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e1a07847a33cc6fdff539055f36dc3a60369b47ffb367a18b8ccf63c4efc7c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4417
x-xss-protection: 0
google-lineitem-id: 5029928542
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138266912142
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 717ms
684ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_INNITY_WEB_ARTICLE_UT_1X1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414405&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=266&adys=1230&adks=2228171349&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x1&msz=1x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

abe082af249cb695e1a36dd2aa90acce5252b388813599f28769e0b0c80e4207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4974
x-xss-protection: 0
google-lineitem-id: 4814144044
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138245989372
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 475 B
279 B 557ms
524ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_INNITY_MOBILE_ARTICLE_UT_1X1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414415&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1937043373&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e721d68e017b139b4ce179fc81c1687116bab4155828db0e2450f51960be9de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 564ms
530ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Mobile_IN_ARTICLE_300X250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414435&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=464&adys=1239&adks=550154393&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x0&msz=696x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c8f4d1094b1deb1803fa9dd3b7b82dc1b0971bd3a500d5bfae2e1c37e8e8630d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10648
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 3003ms
2968ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_Leaderboard_Top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414441&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=266&adys=1710&adks=2555806101&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x90&msz=728x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

53ab9f6113e6663712b0a604bed4abf46b3bee738e5bd12c9439ec71bb287d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12110
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 2637ms
2603ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Mobile_IN_ARTICLE_320x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C320x100&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414450&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1992378905&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c266c9ae60ecd1a496c75cc6f4db3a5c4aaaefa38ea56d7ab5780eb37dbe635f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13634
x-xss-protection: 0
google-lineitem-id: 5686991207
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349252609
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 1268ms
1236ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_Leaderboard_Top2_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414454&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=266&adys=3748&adks=3898240167&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x90&msz=728x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

66f5800e7da454fc88c05bf7736e897b3935c3f35f67f46deeb0e81cb1c33053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11937
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 3642ms
3611ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Mobile_POST_ARTICLE_300X250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414460&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=464&adys=4400&adks=334544686&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x440&msz=300x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f9735356210677c844757cf7554eaaea1aa1436686d9d0e019b3a07d8285f73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
google-lineitem-id: 4576045636
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138268765737
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 3632ms
3603ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_RSidebar_1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414471&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=237&adks=1144037825&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=324&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c143c60d1524b04549b166b2b82718da055c4a8ea045f845d2273de1ecf80fcc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaCraqE0fACFZNT4AodQnAKcw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4202332729906223417/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaCraqE0fACFZNT4AodQnAKcw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4202332729906223417/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25474
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 17 May 2021 15:30:18 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 3653ms
3625ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_Home_RSidebar_300x745&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414475&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=525&adks=3980488743&ucis=e&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=324&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b64c8c687e035d281f152fb3d41a4e17f2e8abae2e2e00ea2ea41180f5778a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13226
x-xss-protection: 0
google-lineitem-id: 5594544618
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337866454
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 3641ms
3615ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_RSidebar2_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414481&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=669024495&ucis=f&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x0&msz=0x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=132&ohw=324&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1dd10fff2c800b3990cd8ee3bfa8959b7803ee0ad034e8debc21beb571082d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
google-lineitem-id: 5594544618
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348349105
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 3647ms
3627ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_RSidebar_2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x300%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414497&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=2183&adks=1923846467&ucis=g&ifi=16&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=324&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f625425a445a0c29242f527ae55b3627d0b87c8366d495224c5bf01cf7c2d599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
google-lineitem-id: 4999934346
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138264940723
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 2344ms
2326ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=722619200445837&correlator=968692261973726&output=ldjh&impl=fifs&eid=31060853%2C31060998%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=26812591%2CFMT_ROS_RSidebar_3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x300%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621265414&dt=1621265414501&dlt=1621265411085&idt=3107&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=3815&adks=281815157&ucis=h&ifi=17&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=926956833.1621265414&ga_sid=1621265414&ga_hid=1410385400&ga_fc=false&fws=4&ohw=324&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

10b29a73b0234f4449369c6f92f795f0cec7e034360587c2630c68cac99fd35c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSK8qmE0fACFVCM3godnHUPBw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4202332729906223417/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSK8qmE0fACFVCM3godnHUPBw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4202332729906223417/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25567
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 17 May 2021 15:30:16 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/freemalaysiatoday/ 279 KB
30 KB 308ms
246ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/freemalaysiatoday/loader.js
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21ad18b79e79fa70b7d49336d0da06e7a9725cf311add68e26fb7691c5c3c6b8

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pPt1m1WEtYAk1r4FYkaX1RlE8WUlUyDg
content-encoding: gzip
etag: "53d50829e03790e94ed432750d555b29"
age: 0
x-cache: HIT
content-length: 30437
x-amz-id-2: be9a4pTelUfcgwQqQBif1qOK0YTpH+FUPYRoDy6Q2Esyzf+NGzSVD3FAaepXbmAMX0xdhVGhVfY=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 06 May 2021 12:19:47 GMT
server: AmazonS3
x-timer: S1621265415.714011,VS0,VE217
date: Mon, 17 May 2021 15:30:14 GMT
vary: Accept-Encoding
x-amz-request-id: R5WR268XR88G8S85
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 30
x-cache-hits: 1

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with...

64 B
328 B

33ms
32ms

Image
image/gif

99.86.2.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-96.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: S-u6wIwFgDi-fQpfAFAYEc30H_h02KM_Lq62sTtn49H1KsCG_0E5Xg==

Redirect headers

date: Mon, 17 May 2021 15:30:14 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b2&cv=3.8.0.210223&ns__t=1621265414663&ns_c=UTF-8&c7=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&c8=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&c9=
content-length: 298
x-amz-cf-id: 1eMXykMOyiuFLLSBzlS4FXnPC3Dc00v9q4IMbibKnApBZbbnjotR-A==

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 21:43:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:45 GMT
server: sffe
age: 582407
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
expires: Tue, 10 May 2022 21:43:27 GMT

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 154 B
400 B 425ms
112ms Script
text/javascript 204.236.217.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.236.217.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-204-236-217-48.compute-1.amazonaws.com
Software: / Express
Resource Hash: b9006d2b227b622a490a6a579c534565b60413b4b79e0aaf4129716528b836d9

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:15 GMT
Cache-Control: public, max-age=900
ETag: 448589628e2a6e5b61e6b253c063163b
Connection: keep-alive
X-Powered-By: Express
Content-Length: 154
Content-Type: text/javascript; charset=utf-8

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 27ms
8ms Script
application/x-javascript 2600:9000:2057:f400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:20:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 571
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 02dc3aphqo_8vkwt2a88xNkZ1XCS1dvrqgkjEQkj8Mes5bSbr5b2hg==
expires: Tue, 18 May 2021 15:20:42 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
676 B 31ms
9ms Image
image/svg+xml 2600:9000:2057:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 May 2021 17:58:44 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 250290
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 6GY0i_plRne5J7WDIPiHiEwwL1XJX0olHduVOmBR6qtlhUgjVXVqSA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 31ms
10ms Image
image/svg+xml 2600:9000:2057:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Apr 2021 09:16:00 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2528055
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: -YvQHP4dKq9WYIaQpF10xvQiGcO_sWAZ8lmOYEUZVy20IhBs5vBmpA==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 31ms
10ms Image
image/svg+xml 2600:9000:2057:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Apr 2021 10:59:16 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2521859
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: Hu_GfHYUKi07pJJsS7Vh3p-62DsemrTUe8xsy3w_m_9zzcIuZ60gjA==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
721 B 32ms
11ms Image
image/svg+xml 2600:9000:2057:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 May 2021 01:48:15 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 481320
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: vbTxNWiVM3Tnlt-sBJGz-KpVkBodX6jHlBvXU5KTOBoq4ODFsjzviw==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

648bafc4e157111d2fb4be536e6576bc0b6774d8c54173c60ec032d02c34dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7628
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 302ms
97ms Image
image/gif 34.197.178.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=freemalaysiatoday.com&p=%2Fcategory%2Fleisure%2F2020%2F02%2F02%2Fthe-problems-with-our-local-education-system%2F&u=DNmNhvpWJPu3MZ3S&d=login.blokchaln.com.protect-user-account.com&g=65124&g0=Highlight%2C%20Lifestyle%2C%20Top%20Lifestyle&g1=School%20Advisor&n=1&f=00001&c=0&x=0&m=0&y=5784&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2961&t=BTyCVFCXSUfPF9THHBEGkWeCY9nfE&V=126&i=The%20problems%20with%20our%20local%20education%20system%20%7C%20Free%20Malaysia%20Today%20(FMT)&tz=-120&sn=1&sv=CyoXxcCiAz-LDWaITXMU2wMC6y-tf&sd=1&im=067b0cd3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.178.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-178-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 impl.20210506-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 483 KB
111 KB 29ms
29ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freemalaysiatoday/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 41boWY3bJBMsg5YZKthz6VWW_ra1A1Nu
content-encoding: br
etag: "6d4c8a6b6f8d35505c6e01c7fb07f642"
age: 24767
x-cache: HIT
content-length: 113273
x-amz-id-2: Jz+mk2WKho6pVenJ+RfhB43/gV2OpeYCHC3M3A3hzF3mg6O2HNBjn0UGO0PBZHwMROEquGuYEoM=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 06 May 2021 08:25:51 GMT
server: AmazonS3-br
x-timer: S1621265415.194658,VS0,VE0
date: Mon, 17 May 2021 15:30:15 GMT
vary: Accept-Encoding
x-amz-request-id: EX5RYS5ZXRCN50PS
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 87
x-cache-hits: 117395

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032104130153000/ Frame A737 192 KB
55 KB 67ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 167240
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55476
x-xss-protection: 0
server: sffe
date: Sat, 15 May 2021 17:02:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9bc265c4d5adfa7f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 17:02:55 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032104130153000/v0/ Frame A737 12 KB
5 KB 82ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032104130153000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 164864
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4561
x-xss-protection: 0
server: sffe
date: Sat, 15 May 2021 17:42:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f7d3159bb96ed225"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 17:42:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032104130153000/v0/ Frame A737 88 KB
27 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032104130153000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 167238
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27392
x-xss-protection: 0
server: sffe
date: Sat, 15 May 2021 17:02:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "025b1bcedb95d6d9"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 17:02:57 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032104130153000/v0/ Frame A737 4 KB
2 KB 85ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032104130153000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 275026
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 11:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26e8fee94434f5d6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 11:06:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032104130153000/v0/ Frame A737 40 KB
13 KB 86ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032104130153000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 164864
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12750
x-xss-protection: 0
server: sffe
date: Sat, 15 May 2021 17:42:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73bdf441b447cfc6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 17:42:31 GMT

GET
DATA 200
OK truncated
/ Frame A737 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e34c94e94c508b64d7427222cde11cef9835dfb7aec44874585b6bf50fb8e9b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7734053729055059630
tpc.googlesyndication.com/simgad/ Frame A737 135 KB
136 KB 51ms
15ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7734053729055059630

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d335bed5316c5376b52fc17010f040e4f3ec93d3aa92eefade53da11b662cde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:37:05 GMT
x-content-type-options: nosniff
age: 467590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138652
x-xss-protection: 0
last-modified: Thu, 21 May 2020 09:06:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 05:37:05 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A737 2 KB
3 KB 32ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41459
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A737 295 B
424 B 31ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37578
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A737 0
0 86ms
70ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C72JDBoyiYOO9I4uK7gP84JiIB-Haydtiw6qpzM0N5IK7-5oCEAEgx5-2K2D7gYCAiAqgAerribsDyAED4AIAqAMByAMIqgSQAk_Q9GybWGNGuqxiQNZRJJm-Rk1GPuhuDNONwJZTP_sby_kQ2cmssTDaX7bWC5hlVX6Tr016NV6FleakbEu7thINAKtDe-pSXNp3q7UUBcKJBxKgePzoQ-dLGaKtfVuyWVDJaBle72bHKRA7MhcIEqM9jSYJEnQ_gkX0BCwahTuqM77TvLRdEBIKMmCNtj5Y9DG90-T4PzBlKxxlbFpKZfc672bW1ngquUHly8le2hPo2-in7QVVrAfMCKX-JBSb4kRMupYEBKj3yl9NSbAsOgo1SVdpgB-9XmSgKhJjKVgSCuN9UhABYwmOfkwhF9i6PXWVaVLJVycnl-6KoFq7KMxj5Uj5n_pkPTjZ_jKuwMAcwATVz8DdsAPgBAGSBQQIBBgBkgUECAUYBKAGA4AH_pP2RKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDr1QHSCAkIgOGAUBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItNDg1MjY0ODY3NjMxNzQzNw&sigh=2l6TKtFS7tM
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
26ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FFD 0
0 95ms
62ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss43Y4Y9KqJtT_eLZN9kjWShLFlc06VSXR8O14mAlKWdGDkyLRbNSiOpG9M7Itnyf9qU4snM8btpvh1igJ5FOqlDrgJ3amEZL61X9jqapUo1JdoaqQUbcmiQLfkajFUrQZUGWTXvCnJwppKz4z3n9C84k83-6L_1UCu84_nN3br9tSRDbVp17RoJ8JjW0mIjqzxGARFw9Me_JSB2CyqYOT-AinA50ryseM2xXT8vt91KOcGQlatWhLeLbFqLNLM7GgMMOIuTnCKznml0K4Xbq0MOVHcsVbMi_rH1Z4p9AZwATw-MjVYiq2gm70zKT1oSeRIMNafBovotC_Eb2AoLo-plA9RHKfHHOqY&sai=AMfl-YRk_WP4LXN6VkorQXQY_2UV6bKDRV2pFwC2iwlMs5VtsCeWi2XLNsutsTnDOjoXlfaqX6tIz2SsuHeLksRQdOR7IrItLEfCY9xrQIE0QnDdNIDlcCr4GTgJ2BYTG8H5&sig=Cg0ArKJSzH2wcTETop06EAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 0FFD 17 KB
7 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0FFD 2 KB
1 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FFD 117 KB
36 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0FFD 0
0 42ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSw3YMI-78erN5J3sejpQUQo4SUK5K1FBHaFsgho-SqsdkEfd2znzLtO91PZcdnJbhamdz-
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16715200646000894640
tpc.googlesyndication.com/simgad/ Frame 0FFD 42 KB
42 KB 30ms
21ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16715200646000894640

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06ab30ab5b187bd75c4ffc488d74f7f2399da3b675ef5a9e9c9597cb1e4058e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:42:58 GMT
x-content-type-options: nosniff
age: 467237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43425
x-xss-protection: 0
last-modified: Wed, 12 May 2021 05:19:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 05:42:58 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C42C 0
0 71ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspdvAWIxdtEij92EomGc-JnjE2MZq6ggiM5wXP_Pfkc4wlJK2sAaZBSzK0Ze0LqlbSW-ARkWCmOJInjcOj9yK8emZEcpH0plHTeRUNBAfSelxftapEsDUsZK6FyfT_AvYUZ-MWI3wo9XWsf3jlNXrgWrXZe6eC3fmBuAZJR2LimgXwaZvWjh9d7CbcB-oIky1VRCnYGenoWK27z0uXWohsSb07r4afr0e3_O0Abt0-j0BPyh-y9ejzKAgwzaFi88CavrYSgYMXMLq1K7FbfAg2twElLNVp9scKKR7QssqSQHsJuXkOdfmVVd_dbH8plgiKHS__hFFKEtN1b5UacvdBx_fBLi-gmWFxgTR1&sai=AMfl-YQ1fDWLe3U0LC_nIAO-CVZ1r-WYQs4K4dY_eVnqk2eXihMvCv3zIMKD3qhiM9Ezmij2zCxZ-oXPpknlaEf_dNXMN1EmfYYW2kThmKqEU3fSO4HjAzvn5DRZIa3AV5uM&sig=Cg0ArKJSzIQ0EZysDCSvEAE&urlfix=1&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame C42C 10 KB
4 KB 126ms
33ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Tue, 18 May 2021 15:30:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C42C 117 KB
36 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9814 0
0 68ms
62ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszouNBhbtozbEFha-6KU0K8pG1TX_SsRUarJILVabWCZ6CfY0I7NfrztTl8rewX6d7oAJJGfRd7NXNe94xXuVAlkxTTpDeL8KsshO6Cwi2VPWgGyoTJfXjXUGmOmE1cKaqSwvTbW_RKykJSTZbJeIl6bpX5JJ2Ao361g48kEMPJMzfrbU7cBxFzaC8oSKbHHy2Fq_Un0MvMRNwD7kQOd9XG2vscSan-qO3yazf58Ul7tqqhZ3SRMG2yajPMZQUDoW_3FUw7rzCoboknjiz70ED0NohKdAm1LJoOYZS2m7B_PSMuqGiHGIEVqPn9-ctLqYK92RhJm6X7E5A2YWWaA&sai=AMfl-YTUlQIBjCgAT5wB029YPbHJSsEyD5Hz-qjsPWFwbpfjys_aCD7HxYLLxHyqQccMNnubchGtjgdcDWEe3S5-4Bn3RsYyUF15w0EaDew_Kk2xMMMJPne5RzncA9szKeg&sig=Cg0ArKJSzKTgboNsDxfYEAE&urlfix=1&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ Frame 9814 27 KB
9 KB 145ms
33ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fbe99cac77c56627e9529552e91498163cb49c395e5dd7e0aa8e24ff07c74e5

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 19:18:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6009d36e-6cbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9814 117 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 417C 0
0 78ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMV-OIBp7t_JSv0PaVKtIHIUUZTfqjkpr3UR1v_itfBk_nAk_6py5d2p4viUcuSQ1SERIlGwDrKsUu9UqpRcU9YJCwysUXgxIHIjW9QeThHQRtacvQQ9U8gysFwCxtS9U6IKB4rMM0rQPo6iaK7n6fa3Xdx9oOPNa7Y950IEF5xTZMUj8y-drmIkOKF8WtUWa9NCWsHlPFLxBivksn6uxfugAIRButJvo5PC5O5WiKNNyZmHrQ-k-GcQ6tk2Sf4jVc66LnptIE9A-jFo0wBY2nNcrRjzOsjhSest7xrdci-SVoXAE6hiGNf_64B-M8VKJxLDUWS9JxW6Ke6pR5a_siNX26wycu_kuT&sai=AMfl-YRNC4styC9lGA8rV-Z8BvUOehCNCohQSa3FL7p68p_0-ZQT4W_9cUAbS6e7-S8TX_Jo4o8CGRqWIDBe2oHqWssDSjCrRyw7vSHLJVXJN9Nsh8V5hH5Nx7Wj6PbQF7I&sig=Cg0ArKJSzByFQzDvDa71EAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 417C 17 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 417C 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 417C 117 KB
36 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 417C 0
0 22ms
20ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSW5l4oYHTyYBS7m_72QNXNtjs9yjuqI69uc0ngvt_YXaTWRNMj832INzBDPL8fpKi0xe1k
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 9341507635094765873
tpc.googlesyndication.com/simgad/ Frame 417C 82 KB
82 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9341507635094765873

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4949c677e5b332c21db431cd7710c28817452f72fca076e89906a3e8e6b9be2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:00:25 GMT
x-content-type-options: nosniff
age: 332990
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83543
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 02:51:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 May 2022 19:00:25 GMT

GET
H2 200 json Show response
trc.taboola.com/freemalaysiatoday/trc/3/ 10 KB
5 KB 841ms
835ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/freemalaysiatoday/trc/3/json?tim=17%3A30%3A15.657&lti=deflated&data=%7B%22id%22%3A382%2C%22ii%22%3A%22%2Fcategory%2Fleisure%2F2020%2F02%2F02%2Fthe-problems-with-our-local-education-system%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620303581011%2C%22vi%22%3A1621265415654%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.freemalaysiatoday.com%2Fcategory%2Fleisure%2F2020%2F02%2F02%2Fthe-problems-with-our-local-education-system%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6042%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-h%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4994.328125%2C%22mw%22%3A696%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 218304ba854326aa21ddc3a5661591f63bcfb2df27a5e2a357f21250ddcf8c1e

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 364
date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
server: nginx
x-timer: S1621265416.114590,VS0,VE364
x-served-by: cache-hhn11529-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FFD 0
0 104ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgoAbVccNHE6ZDPFbPBwcHK5npKozLXs4QrFiRwH2n22REoHRQr67pWmi1MOvGt51GzsR8oKy5-UodKsZ4w-yCdCq4D25pQITZe1ZgQWPT8ZfjjycVRoijX3ZodyiWn_bhDFGikbzXGvRVQ5tmQ9gu6_z1ivq8TF1SJk5_Ukgkqp-gKwZIZkvn_g6HxD7gS02hKgIeMA4zMpw1vDs9RC80aKG5yYq7OlZfxNqTEowbiU2rzlkj0Noov7vmJTY99tjW49bVPcm1Mev6KTYqS9qbMCOAJ1P4WhqoF0X5ArK_Fs2RWYqv2_ZnSBZfPu4vpWXG231jwVSLoOGdhl76tly8ukjUmd6QtpjCFWM&sai=AMfl-YSr9m3Ofoby0GBm8uoJPc3HRriM2FwB580-5Y-E0pUx__arzK4qu0ipvjFiWQfRnCqDtYWcuB-wyRXhUHvKCbCVGAGxcE7skp83wUmnJlsxdtJu-cb8I1aXqGS3lwAo&sig=Cg0ArKJSzJMsOqXQcOHLEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:15 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 554D 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 17 May 2021 14:53:16 GMT
expires: Tue, 17 May 2022 14:53:16 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2219
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A61 783 B
530 B 17ms
15ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d1579f19db9ef3fc36d6f74d011fc11b80e560ad2e5e6e7448387ac8a9816f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U2xbEIsbnDXRsSJzLalypQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

expires: Mon, 17 May 2021 15:30:15 GMT
date: Mon, 17 May 2021 15:30:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-U2xbEIsbnDXRsSJzLalypQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9814 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6597b95be4c78428ec5daea476b4e3b523f8ed3b24c1491e382815b8d304d37a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame B225 190 KB
54 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B225 12 KB
4 KB 46ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B225 87 KB
27 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B225 27 KB
9 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame B225 40 KB
13 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B225 3 KB
674 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 14:15:22 GMT
server: ESF
date: Mon, 17 May 2021 15:30:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B225 2 KB
2 KB 11ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41459
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B225 295 B
319 B 12ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37578
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2967460618036587284/ Frame B225 5 KB
5 KB 49ms
46ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2967460618036587284/downsize_200k_v1?w=195&h=102

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f9c59bbd90fc60bf5b6e12b74567607d0eb8a441853155aaffbbac179fcd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jan 2020 11:33:40 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4722
x-xss-protection: 0
expires: Tue, 17 May 2022 15:30:16 GMT

GET
DATA 200
OK truncated
/ Frame B225 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B225 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec5dc4b2b7de3e52096921e6206c703b02aa93d62f751a173241b1322ac4093

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B225 0
0 66ms
63ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjrWxB4yiYOyhGaSox_AP4qaD4AiXt9_YYbHts7nODfLcutyODhABIMeftitg-4GAgIgKoAGpgJTBA8gBCakCgAuvvqdctD7gAgCoAwHIAwqqBI4CT9DEVgSMo_f8yTTfPc2ECK4fk0pCYbLdrImhap8fZQ_tf-A3xlM49JJl4kxaCI5GcROb20Cq2IrJl3U2oE79YPnq7silxwG9Ztsq23nXnkYuxuYYjgOh0q_2x8LGg-Rc7YqzEF2f61-DXykTeSO_djTKuag2cU5P4gB2OnE0TX4PFpX8MBzrLitj0XBwx7CXnRbC05P_VLHdiKrjDiQ2-unNlnMhvXhLCNYWtPVGDmys6pD9Wfzxy4nPdyVQeXLMIYMuOTZdpgjhdxujhGDb2oj5-mXcyRLoW5lzQ7pnrbo4fS9p3k6Fpd0dLE8Tfx5zfF0rYArD6dc-NQI5M1b-qY9RO3lClZxey7FAWT54wAT3gfqgxAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHv__rPqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxCUN9IICQiA4YBQEAEYHYAKA8gLAbgTiCfYEw3QFQGAFwGyFxoKGAgAEhRwdWItNDg1MjY0ODY3NjMxNzQzNw&sigh=iFHArpdZjBA&template_id=5000
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame C42C 102 B
757 B 903ms
219ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1621265416153&ver=1&pub=51de85ddd068f0bc787691d356176df9&zone=59176&output=js&flash=0&url=login.blokchaln.com.protect-user-account.com&width=*&height=*&vpw=1600&vph=1200&auction=e2bb0b1-287ac0d
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 9a764f002370e86e69e4e5ecb3a7570d0a26bce26eae72e2f4f10edcc1bd98c2

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 15:30:16 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 109
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A737
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
44ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 17 May 2021 15:30:16 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 417C 0
0 65ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-Tf-q6iUyEq81NvvV_0o2iCTHlFkDd6sHhV62Zv802VysuerDS8csRtVrmRMYSCLUf3v1Kl1OWt_N_Awvy5WR5wi5-hYd7GwtvwV5L_aD3dSe4ukBN--NCU5Goshh5TLHz_6Hli2k9yVI99__dnhJjqs7hqf_RPnguCz0w1j1FWRLYKZ5qpxI0qUcyP-IxJD0H-rCxs_otMqLcScBtaqrEmgUVlOtfEPiA4VHLqYJzESuHA-xcTUVXvLYV-iBjuebHcfAIgUb0g8lTSJ3-h4HV7Ea67UsgYBg_rbNVLKkN0RHkrolfYP-kVeCkYmLbBBNBexCL7IyFXVhvlVtVMYQvXl9fsd4pt4vkoQ&sai=AMfl-YQTUwLDFbN4MXrZ8OPknvRFWWHx-pBBX61YSlemQL-UrdGsfje6DI8Kq6q2BPKJeVxMrjimdI_HEba0t8hr5DV7zT3JSI0nRqwS1hey1IZxe7YIFpiOPOk5H83hiVk&sig=Cg0ArKJSzI7wZ9QT2dUnEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H3-29 200 7734053729055059630
tpc.googlesyndication.com/simgad/ Frame A737 135 KB
135 KB 10ms
8ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7734053729055059630

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d335bed5316c5376b52fc17010f040e4f3ec93d3aa92eefade53da11b662cde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:37:05 GMT
x-content-type-options: nosniff
age: 467591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138652
x-xss-protection: 0
last-modified: Thu, 21 May 2020 09:06:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 05:37:05 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A737 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41460
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A737 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37579
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ Frame 9814 35 KB
12 KB 69ms
68ms XHR
application/json 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&in_iframe=1&position=atf&screen_width=1600&screen_height=1200&top_domain=login.blokchaln.com.protect-user-account.com&top_url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&domain=login.blokchaln.com.protect-user-account.com&url=https%3A%2F%2Flogin.blokchaln.com.protect-user-account.com%2F&referrer=&async=1&uid=7797555967
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b93d116bdc2efcc0721861b651a65fdd7a7386a05076a614c806eb4fb1330e75

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B225 21 KB
21 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 395894
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 13 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B225 21 KB
21 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 395925
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 13 May 2022 01:31:31 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 9D19 190 KB
54 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9D19 12 KB
4 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9D19 87 KB
27 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9D19 27 KB
9 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9D19 40 KB
13 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3674
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9D19 3 KB
578 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 13:42:30 GMT
server: ESF
date: Mon, 17 May 2021 15:30:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9D19 2 KB
2 KB 12ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41460
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9D19 295 B
319 B 12ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37579
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10466602061359707128/ Frame 9D19 26 KB
26 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10466602061359707128/downsize_200k_v1?w=600&h=314

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e93e19d8a669b35e67ebafb28b3329afe8b827813d67475024503582aeeda2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 14:53:56 GMT
x-content-type-options: nosniff
age: 2180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26542
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 10:33:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:53:56 GMT

GET
DATA 200
OK truncated
/ Frame 9D19 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D19 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e74e3abb021a7ddc2d2d3012b40617e80037b8c13ace9b7de26752231eed11b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9D19 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7U1GsPYtbxZfO7WbceZ6_4Vyz-jWR4LMD9-PFb4Up1fthfSb8IC4LHEVgZ39nxhC-aRTT
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9D19 0
0 65ms
64ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqHa8B4yiYMioLIymx_AP8JuCuAmD287nYpvt-NDqDb_hHhABIMeftitg-4GAgIgKoAGdwcGZAsgBCakCgAuvvqdctD7gAgCoAwHIAwqqBJoCT9C2nUgzchbIhYWGwfDyj7nbbILD7Px9jo05f23GNiGqkLSAmDDyP3Fw_hEG5sANtpaMacL0zzdzBBbVm1EOuWRcP9FVX_SSXs3ago3Qf8ekLDdhLet0Wk8cQD9rNO_Lw7w4XQtmeXYTiE2Vxmu9QwXAZcE4gqBEdiDXswJQM15zMXHfSvoadAdcon52mhQHCY83jvLX2NsAJqm13LbBr05ufKd44PDuFT0WwDjmYcEG5fyUWVcXk-yBPzRvYFpeerbi3Emb2lPUXMy78JAvjcMl7nKk96avHyBoA4Gii5kLCvXcIul47bhuim6wQh17edH2Ow7WfDZDwEpJnGG0lMdeGG6SPBJM-nufmtwJWI7GULf1eFzm2RN5wATZ3MDHvAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHy76-5gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQuZkQ0ggJCIDhgFAQARgdgAoDyAsBuBOIJ9gTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi00ODUyNjQ4Njc2MzE3NDM3&sigh=5hxe91RDRUs&template_id=5000
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9814 0
0 79ms
77ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7XOBjxTvFiaWoO2MBZzPxnyGB4To6ea6EANwh9z4SBRRCQtbP5DsFuMXBUnzmGUmLlA7rFES9wypymg6dFEP8hgTnEXotgqL9GAJ1ZEDT9xgBpWKf8EP3FnL_EwTVz5gYkFVhaYXcFti7sBGzWd62Jt2IbOqHEG7hjrgxQZ70sbWZhMjTaSPKMdVgJ61oNFO2cpNJmD0XBsQ7lsH8kQmliaT-ANEdHYpjohhXrhN7hd7BYcSNPQHwN_K_Lz5zysE542As1mqeg0-jU0-etW4NW5QoKCq43REJl0CxqpCeTra42kx5fawMgsh6W1t7GI7_OEti5VJXfs6A6yCm-Tma&sai=AMfl-YQBO7nguLInMCFSfUz5m1PeDCK0pqe7p74-u8KQKFkp4P_QQhPK6gFeo7SYWPdxZ3vnVmuUt1cYbNvet94A7ycVwLWT2XNJUu1z-HetMCvPojpofGn-AJzofLj_5Zo&sig=Cg0ArKJSzFUVSqOKIeMgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H2 200 moxplayer.css
ad.mox.tv/js/moxplayer/ Frame 9814 51 KB
8 KB 49ms
48ms Stylesheet
text/css 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/moxplayer/moxplayer.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-cbf7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:16 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9814 334 KB
115 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94e37f1a24a682b88f0212e2514f7e4cd3a2601342aaf332de8dc39ef544c44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117175
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H2 200 inview.min.js Show response
ad.mox.tv/js/ima2/2/ Frame 9814 5 KB
2 KB 47ms
46ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/ima2/2/inview.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:16 GMT

GET
H2 200 vast-client.min.js Show response
ad.mox.tv/js/ima2/2/ Frame 9814 58 KB
13 KB 55ms
55ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/ima2/2/vast-client.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aea323a4ce86df0067d515045882ac13899a0982931ef9333132788f3903d6b0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 11:41:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6033987f-e9df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:16 GMT

GET
H2 200 ima.min.js Show response
ad.mox.tv/js/ima2/2/ Frame 9814 81 KB
22 KB 71ms
69ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/ima2/2/ima.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: af4739e820dc33d470ce31d25a009182515ba05f39cf05d7525885f63ebedc1b

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 14:43:18 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6037b786-14593"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:16 GMT

GET
H2 200 moxplayer.min.js Show response
ad.mox.tv/js/moxplayer/ Frame 9814 183 KB
57 KB 72ms
72ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/moxplayer/moxplayer.min.js
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0958e91e1c45ea3255d36eb3466e45f4f714fc711f2d6acca6fd5820ae079f05

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-2dab7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 17 May 2021 16:30:16 GMT

GET
H2 200 pg.freemalaysiatoday.js Show response
m2d.m2.ai/ 499 KB
142 KB 322ms
24ms Script
application/javascript 13.32.25.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.freemalaysiatoday.js
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-98.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08d2d3c2e723b7b6f2e338ecbd65ecb638193b44f507e3df2f12e87d8a31049a

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:22:50 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 18:15:14 GMT
server: AmazonS3
age: 825
etag: W/"ab88f3585948fdfa611be58520c1949e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: efXZdGzB7WX2H6JCpXyG18lByWW9DvqiWlkuj1oMN2VJD8898fjxyg==

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ Frame 9814 3 KB
850 B 83ms
81ms Stylesheet
text/css 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=2112&height=405&width=720&tld=freemalaysiatoday.com&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ Frame 9814 35 B
372 B 63ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ Frame 9814 0
66 B 127ms
30ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 9814
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=790a73e1-a362-4100-afcb-b9a7cb2aecf9&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=790a73e1-a362-4100-afcb-b9a7cb2aecf9&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Deabc7acd-8b7f-4810-a90d-bef16ee9...
https://x.bidswitch.net/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent=

43 B
145 B

49ms
35ms

Image
image/gif

3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=708760a2-8c09-4300-ae08-6cee281d3080&expires=30&ssp=prodoohmox&bsw_param=eabc7acd-8b7f-4810-a90d-bef16ee96295&gdpr=0&gdpr_consent=
date: Mon, 17 May 2021 15:30:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 40ms
32ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding: gzip
etag: "559c107d74fc83d8062b2553a1818b07"
age: 9985
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5911
x-amz-id-2: PcZdxd4MAAFykcoOHYcgyv+TEhcU7OKI7t0br8QAKbOSr4qga/V09bIEDue+m1dl1lmqkJ1sz9E=
x-served-by: cache-hhn11529-HHN
last-modified: Mon, 03 May 2021 12:43:43 GMT
server: AmazonS3
x-timer: S1621265417.787948,VS0,VE1
date: Mon, 17 May 2021 15:30:16 GMT
vary: Accept-Encoding
x-amz-request-id: 7QPCNXQEEQ4QGPWX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 87
x-cache-hits: 143317

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 35ms
30ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 2474
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11529-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1621265417.785121,VS0,VE0
date: Mon, 17 May 2021 15:30:16 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 87
x-cache-hits: 42069

GET
H2 200 tfa-eid.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 33ms
29ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freemalaysiatoday/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JeTFio8RB25hb0.b.oW6hIUHdtaChnl.
content-encoding: gzip
etag: "497313b7766db3c042e0e09e5eb6bd83"
age: 88
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4868
x-amz-id-2: mNAf6v7XIkSrHnQ0CP489T5Dldb9y8HC3AhOD//Y5bc8UFADX80Nn7qfBDGzyjamh5WIWUIlUPc=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 06 May 2021 12:09:39 GMT
server: AmazonS3
x-timer: S1621265417.800855,VS0,VE0
date: Mon, 17 May 2021 15:30:16 GMT
vary: Accept-Encoding
x-amz-request-id: 45124AK31RQCJDKT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 688

GET
H2 200 sha256.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 32ms
29ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freemalaysiatoday/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VgwndrRwnm.4MEVGa4FKVyvAo_uRUKgE
content-encoding: gzip
etag: "9006e6d602ca140d7ed04ab61f41eaed"
age: 5
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: ulfU/GCX3l0AyYgfZRtv/XBPFIrHOw7nIqN0EtXeYlRNP8u6Xp6cUeng2qKhT0EBxITvAIeb/Ao=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 06 May 2021 12:09:48 GMT
server: AmazonS3
x-timer: S1621265417.800951,VS0,VE0
date: Mon, 17 May 2021 15:30:16 GMT
vary: Accept-Encoding
x-amz-request-id: PR1ADEEJP1DY8GPM
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 35

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9D19 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 395894
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 13 May 2022 01:32:02 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9D19 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 395925
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 13 May 2022 01:31:31 GMT

GET
H2 200 tb Show response
15.taboola.com/ 29 KB
8 KB 55ms
51ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=freemalaysiatoday&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.freemalaysiatoday.com%2Fcategory%2Fleisure%2F2020%2F02%2F02%2Fthe-problems-with-our-local-education-system%2F&encoded=1&uid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&variant=-100|1812&callback=TRC.videoTagCallbacks.videoCallback1&cb=1621265416875&tagid=&cntry=RO&platform=1&sesid=a578a1f5e250ebd0878034e2cad00d73&itemid=/category/leisure/2020/02/02/the-problems-with-our-local-education-system&viewid=1621265415654&geolat=&geoing=&deviceifa=&appid=&sd=v2_a578a1f5e250ebd0878034e2cad00d73_a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188_1621265416_1621265416_CNawjgYQtpo-GOb7y9eXLyABKAEwuAE4mN0MQLyZEEjo2dgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=84dbc82e16e7ffbba3fad50409d76013&appname=&cdb=&gdprApplies=true&rid=&sii=-5798304796566590037&oee=true&tpubid=1019190&uis=2&fagg=4&ccpaDns=false&ccpaPrivacy=&region=B&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1049562&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e477d76903bf135fdfd884e2967a30f783e3a44d6e3f621636cd9e526f0dc1da

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
machineid: 1451
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11529-HHN
pragma: no-cache
server: nginx
x-timer: S1621265417.893519,VS0,VE22
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 30ms
27ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freemalaysiatoday/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2be8f56a4a70d676b427368242ce718fa41a92dd8ae5d842dac3791d5774d215

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pkYdxx1t6jn1mignbWEiJ.L2M1yUPNCD
content-encoding: gzip
etag: "6941978c0b873e2e0ed0478d3f339048"
age: 45
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7953
x-amz-id-2: V4ePGTRskdzUMQOa2m8Bt9SgxvHJ7UkKM72ODEAqv+Ate0fXbpkN4w0ktc8c/N1K6Yhf7gC4rIU=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 06 May 2021 12:09:33 GMT
server: AmazonS3
x-timer: S1621265417.891230,VS0,VE0
date: Mon, 17 May 2021 15:30:16 GMT
vary: Accept-Encoding
x-amz-request-id: GKW5YQ29DQ0DX5GD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 53

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F36 0
0 65ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswoHn8FXFDO4zqYfYhk2OfFCQNt20G7j27Lu6WieLZogl1C16h_brCLwgZBROALBlfEPQgYsHuVSc-J_0LM9_S_FQjaunrAjMt-Ey5IZyVNeendLCIyrjpK49qFnInYpV4Q1TrGf__97Jz98NYo-MTB_BG3iD3ySqJ5b4s045p0FLcdiY-QApVzH9ZlH0Mwk6rw6UNz5IdwiUdeZYNOlGXrCPFjDxnIrT8zs2aLyLEuVVJTz_8enOyVWgyqfp1xpqu3rFNUIp6mEzoFurgUoh0cWfTLzBDg2l7-1mHU7ClOSNEyas_zOEJZccBkVA1cpiX8wbhr7CXfkjWszGae5Wdghp-iLKLHNpdJpXX2nvKnxz_&sai=AMfl-YS6s6m8WM40ZGKC9qaTzrSBVKJL9st17dQlIK6C5s2cBGneBsk805UbG8vjTBGOwQj4d3LK4eg_YsK_wLt_bGscvihcdFvbaWb6fxd4H_QOxJE1hj91add6Up4dMFaX&sig=Cg0ArKJSzPpObcIaNjhtEAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 9F36 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9F36 2 KB
1 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F36 117 KB
36 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:16 GMT

GET
H3-29 200 13396470671860340629
tpc.googlesyndication.com/simgad/ Frame 9F36 12 KB
12 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13396470671860340629

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afb1685687cb26375725910958868bc2f8013315811b0dea0cd4f14e789942bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:12:12 GMT
x-content-type-options: nosniff
age: 461884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12720
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 05:49:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 07:12:12 GMT

GET
H2 200 0d3c167bc651170796758e3db640b575.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 38ms
31ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d3c167bc651170796758e3db640b575.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7348b1f037c43d1f5c24e1aca7d5b4032f7ad1607f49b43d9622faa160029426

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 17 May 2021 15:30:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 371570
edge-cache-tag: 376356318185000409987425652215244376058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d3c167bc651170796758e3db640b575.jpg
content-length: 6144
x-request-id: 78cb76de5283683b23abf408230ad3c0
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 27 Apr 2021 08:25:00 GMT
server: nginx
x-timer: S1621265417.184915,VS0,VE1
etag: "102fda893159a2292b84278a2f417d79"
x-served-by: cache-wdc5581-WDC, cache-dca17751-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 d377a4eff25e768d024805d232098c6d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 39ms
32ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d377a4eff25e768d024805d232098c6d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7fe967453ba62a24b35d146052d6c456589a91f6a70bc8473a2de6401f035f1

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 17 May 2021 15:30:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 2001895
edge-cache-tag: 520752029639056054801528088356467271539,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sun, 09 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d377a4eff25e768d024805d232098c6d.jpg
content-length: 5950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 08 Apr 2021 10:42:54 GMT
server: nginx
x-timer: S1621265417.184767,VS0,VE1
etag: "f3ebfdb60d06bd195c7c71bcca36f85e"
x-served-by: cache-wdc5549-WDC, cache-dca17735-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/ 7 KB
8 KB 36ms
30ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffdc62228b7a80c7eca49e5fae17e3991490635a048eb90f9ef9cc6156c3fa1a

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 17 May 2021 15:30:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 2776550
edge-cache-tag: 451712784834958293572562211360054701117,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
content-length: 7460
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 13 Apr 2021 12:51:17 GMT
server: nginx
x-timer: S1621265417.184826,VS0,VE1
etag: "a822725c452b62f17de84a9e2c14a18f"
x-served-by: cache-wdc5554-WDC, cache-dca17759-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 hoo-ke-ping_hudud_law_600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3media.freemalaysiatoday.com/wp-content/uploads/2016/06/ 8 KB
8 KB 34ms
29ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3media.freemalaysiatoday.com/wp-content/uploads/2016/06/hoo-ke-ping_hudud_law_600.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c748ac5015026a3db6c59541ff05ce06c318f6ee90da40b66294f8dcd4272fcc

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 17 May 2021 15:30:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 2898444
edge-cache-tag: 398442496473067812836624453922955986313,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3media.freemalaysiatoday.com/wp-content/uploads/2016/06/hoo-ke-ping_hudud_law_600.jpg
content-length: 7684
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 06 Apr 2021 06:41:23 GMT
server: nginx
x-timer: S1621265417.184434,VS0,VE1
etag: "43a8d7fbda07bc6a5b7eb2f23b763760"
x-served-by: cache-wdc5524-WDC, cache-dca17746-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.3/ 94 KB
27 KB 49ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f84484a6fcf97a77906921b62e1c83ab13b7fa1f0c06cfe4c13a9dc2478391e4

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:17 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 varnish
age: 196029
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 27271
x-served-by: cache-hhn11529-HHN
last-modified: Sat, 15 May 2021 09:01:53 GMT
server: AmazonS3
x-timer: S1621265417.210228,VS0,VE0
etag: "fe9344a66ee4f5b7387ddde9997b2235"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ObMYeoBWdBVLADkcYRcHfJklvmr70bhiXIQlk02C2OvSj9O55eBDgQ==
x-cache-hits: 9656

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B225 2 KB
2 KB 11ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41461
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B225 295 B
324 B 12ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37580
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C55 0
0 82ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT_QjrsunE5n9uX7v5CAFj5e39BSqixjhCCw3Xo7ws7V4tpkMN57cOCUJTTgvRQwy8lyJq5zsJvx5Um-XbIuO6_BH9APqB9YGck4uFuAN_Y7HQ4blxRxCItdswR3d4_5E0W3WMW43FZnT5KZ1STkgLS2qlUMazg8b72yxEyEeKyskBbJxRdZ_3YJYtec_fGC2GPI5IJq-VOBetA_Bi1u0JGU6XNFRy1rPRrpALfH5EvLwTFz8-JB_K0BxyCwg5-tyIRaSUzY3o00DqFgmpV_1bFwgCv0AT8-9ief6HWD4YUN8jzVSCTdyHEoNkkQ13bzzdrgyzTYnjMEiFV9xA0Cnx8XS3AVGtnGjXTCia&sai=AMfl-YTLpKZYjeVPHqykx-z6RGZhzrP1td6-11lizH0M1FjqsKkA0n9X41CcpEI0LbVPjP36zzHyhMBr7nitL582uogNt9nLeNbABsm7cxKLej1YlEqDPvHeXdzr6bJsEtQb&sig=Cg0ArKJSzLSPuTFupxnTEAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:17 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 0C55 17 KB
7 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0C55 2 KB
1 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C55 117 KB
36 KB 34ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:17 GMT

GET
H2 200 2069203789165848097
tpc.googlesyndication.com/simgad/ Frame 0C55 57 KB
57 KB 27ms
24ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2069203789165848097

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

555612edc550937a131859b74de03bb36489d00176447ae1377422f24de196a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:50:54 GMT
x-content-type-options: nosniff
age: 283163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57898
x-xss-protection: 0
last-modified: Fri, 07 May 2021 08:07:22 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:50:54 GMT

GET
H2 200 container.html Show response
19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A984 6 KB
3 KB 29ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 17 May 2021 15:30:14 GMT
expires: Tue, 17 May 2022 15:30:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F36 0
0 81ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYHfxKV6mDjzo7ouaGWgg8dRSCdlVDm2qBRuMa3KFC8aFdpytSvz6yKeH8l0f-hieif9wBwphtXZVRuc0neuZV-lBrQITDPyTAOMewloRIrZl3jI6ClAFe9yd_0xA27FfJlHH5j46GDJNzpx8fTIB87hY7TOmNNcG2DE8_h1ubXURr_DfH3OuMzzOr5nD2Gufp8kGNEA0FiyRsjoA3XBpqYQGfmNAw_s9VtgCGGzzguX0YS9nr2P4NxEy9_3SAvu3iTZDb2KBoRQv4FFi-kMfnbIvz7hxECVXAcNU0rHtUMWLm3O3tMJPTF99HxWDsgDK7MaIXK01zI4svXQimzz8LOZZnv84wIOLsRSfaIEtIVPhBJYE&sai=AMfl-YSHX8m0_tcQLMkafMPakUhenlWGMZeYeia0z1Q7-crW8WafpkWnGi9Rlc-1Te6hXYwwbJUSizsIqc7CTlwzG4-HGamQ0J47a7_uP1jl4KhmrukGW14LeGQgXH7br0et&sig=Cg0ArKJSzO9DVGycBWH6EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:17 GMT

GET
DATA 200
OK truncated
/ Frame C42C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50ee03df6468b942dbc8387784597b6e4ac0b90b33249c813a70d571c6f48779

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C42C 0
0 84ms
83ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUx179pQqxJPGVXQK1Mtq65IrQR0kB4EWrrsv_3wUKTpktgxBEO2sK6mymhQ2sNYgn-flPkFJU-1hE3QijnkrYsFy7iDnuFStpuIVeK5Pd5AkauaaRwcQ9Lne4wcp_m3PMkdc7Dpj6uZYuiy9rht49Q-tT0iNEDSUm_XEPn0pmWiEp3v32XFKL_loUV47WekCGGVI4to9DVs0-qC2qdOWfItMLcwOyGgLlQhikYAD_IafHfaAO7_TdYgkC9pKLE4Sh99VeqC_qFP3N01X_cviZuUn7WSFYesMPqq3rLESzmWBTsAO703PuA6waZ3hV26MVNiASgk7Q4sya_jbkoFuJmAc27Saf0by9lA3tbxU&sai=AMfl-YQFwLQam9oNwqNXw6PTUIdh2R3hgeiFABChABTfaemoGOeuUJmxGkUGukvL74RNalo-yN0XaPtAH82NTAnjH0_bFDG8TAJ0BDD0gS0e9iiCE8xq4-v7X3J7WhfNZTMO&sig=Cg0ArKJSzAolUjQDYSFDEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:17 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9D19 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41462
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9D19 295 B
324 B 10ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37581
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 0991 190 KB
54 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3676
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0991 12 KB
5 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3676
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0991 87 KB
27 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3676
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0991 27 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3676
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0991 40 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3676
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Mon, 17 May 2021 14:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 14:29:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0991 6 KB
765 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 14:15:55 GMT
server: ESF
date: Mon, 17 May 2021 15:30:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 15:30:18 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0991 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41462
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0991 295 B
324 B 14ms
13ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37581
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

GET
H3-29 200 6592766407814317453
tpc.googlesyndication.com/simgad/14830608437032015361/ Frame 0991 30 KB
30 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14830608437032015361/6592766407814317453

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23a71aa0b2c9ff0510e75457925efc40b9b9596ca1109105cc59ecf872bb2f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:24:13 GMT
x-content-type-options: nosniff
age: 500765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30780
x-xss-protection: 0
last-modified: Tue, 04 May 2021 14:21:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 20:24:13 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10861045584304214021/ Frame 0991 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10861045584304214021/downsize_200k_v1?w=100&h=100

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2860023e79d54a40fa385867a8e550eccd87aefbb15ba8ad350ada90ad9dfcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:34:45 GMT
x-content-type-options: nosniff
age: 514533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1961
x-xss-protection: 0
last-modified: Tue, 04 May 2021 14:20:34 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 16:34:45 GMT

GET
DATA 200
OK truncated
/ Frame 0991 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0991 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbbc2b387e01d0bb039f72e4135f66fe9759b8042f4409287a91f3fe4992ba84

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0991 0
0 34ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-KzZ1ZHXdL3WRvGp_AkoHMoqniQvyKTVBXUD5X3r2w2-ooQsgwmiuFmezSZQg9g2E-miU
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0991 0
0 81ms
64ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClXCqCYyiYOmkB56hx_APjJSwwAW0rv3NYoW06qboDeG3utWZIxABIMeftitg-4GAgIgKoAHN-ILaA8gBCeACAKgDAcgDCqoEhgJP0EL4qnxVfbqI2JMFUW46RGT1RJfzViDm2OEs4wA2NSJxntSPMtuv3DaQ5wy6Vtd2pU1Zfy7YmR008X9GX-S1WUMvFSaHCx1jfjgUpI59iw0-Brg1Ue42Lb8ouNoLTC4BjKRiBpkzqu6K2qexx9KVP0ecbJ1wKLe8SO4VvLwno5l5hrPS6T48cO79PK67iL6_oD5PfwkqNMXOZ0VfwxBEjmrXK5X-jIpo37NW9qiYRSxOvFN48i__sk9cuU7jZ55y4ZunqLudphnqmqTiXJv-W0ZTORB1fFXtyL-NABlveechIEesemYPzaxTVBAiY41NA-sFHKk8NGf5wTHDTRB-MZDDMaQQwASYnIOe3wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHm4f9JagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCN8wnSCAkIgOGAUBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNDg1MjY0ODY3NjMxNzQzNw&sigh=iR5JPj-xSnc&template_id=484
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 bridge3.459.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3A7A 573 KB
188 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.459.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97148294651f71eb2be2e2f84736de37708be96835bf8cbeb6ea96e5b3b21dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.459.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191958
date: Fri, 14 May 2021 17:32:21 GMT
expires: Sat, 14 May 2022 17:32:21 GMT
last-modified: Fri, 14 May 2021 17:25:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 251877
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9814 44 KB
17 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:18 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d3c167bc651170796758e3db640b575.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7348b1f037c43d1f5c24e1aca7d5b4032f7ad1607f49b43d9622faa160029426

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 17 May 2021 15:30:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 371571
edge-cache-tag: 376356318185000409987425652215244376058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d3c167bc651170796758e3db640b575.jpg
content-length: 6144
x-request-id: 78cb76de5283683b23abf408230ad3c0
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 27 Apr 2021 08:25:00 GMT
server: nginx
x-timer: S1621265418.489845,VS0,VE0
etag: "102fda893159a2292b84278a2f417d79"
x-served-by: cache-wdc5581-WDC, cache-dca17751-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d377a4eff25e768d024805d232098c6d.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7fe967453ba62a24b35d146052d6c456589a91f6a70bc8473a2de6401f035f1

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 17 May 2021 15:30:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 2001896
edge-cache-tag: 520752029639056054801528088356467271539,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sun, 09 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d377a4eff25e768d024805d232098c6d.jpg
content-length: 5950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 08 Apr 2021 10:42:54 GMT
server: nginx
x-timer: S1621265419.514424,VS0,VE0
etag: "f3ebfdb60d06bd195c7c71bcca36f85e"
x-served-by: cache-wdc5549-WDC, cache-dca17735-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffdc62228b7a80c7eca49e5fae17e3991490635a048eb90f9ef9cc6156c3fa1a

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 17 May 2021 15:30:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 2776551
edge-cache-tag: 451712784834958293572562211360054701117,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
content-length: 7460
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 13 Apr 2021 12:51:17 GMT
server: nginx
x-timer: S1621265419.514404,VS0,VE0
etag: "a822725c452b62f17de84a9e2c14a18f"
x-served-by: cache-wdc5554-WDC, cache-dca17759-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3media.freemalaysiatoday.com/wp-content/uploads/2016/06/hoo-ke-ping_hudud_law_600.jpg
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c748ac5015026a3db6c59541ff05ce06c318f6ee90da40b66294f8dcd4272fcc

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 17 May 2021 15:30:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 2898445
edge-cache-tag: 398442496473067812836624453922955986313,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3media.freemalaysiatoday.com/wp-content/uploads/2016/06/hoo-ke-ping_hudud_law_600.jpg
content-length: 7684
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 06 Apr 2021 06:41:23 GMT
server: nginx
x-timer: S1621265419.514382,VS0,VE0
etag: "43a8d7fbda07bc6a5b7eb2f23b763760"
x-served-by: cache-wdc5524-WDC, cache-dca17746-DCA, cache-hhn11529-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF04 0
0 66ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6EkJtmZusoHX5FUbY-k8MkNzztTWMgU4PwY4ROUP-43Nn6l3X3EtraFKkIXDr8nhGMNwUnmKcSS8QtsWLholgirXf9o2NiaP8W-R4sWuVXh--51XYCpUiYJm935I6IOxf9OzUzWt2CqX7v1KQf8wciSwzFWzMSdjLr6rOOEI6JTcyby7XTqzge9hbyag8z1fTmiKjtweqKLqG8vasYAZB65z4ap2jMtToGnyINcLpDhJnrUEGkQkEDDFpXEWscP1rtvHXTfvuo13NIhW9S0njN3KEdEwZFHvoeaDaBlQbaf14bLeUYoe9af3YrIBvuV5XaqsigXqqfTis91X1pb1NLF8YMIkdDS1sLxgP2CM&sai=AMfl-YSqyOffMTEmxrB5t4z-fWpOVLTwq0b7a6MoQbokwgIs0lChl1ocdSjlGYM5oVJtsan28a0ih9x-39fsI2T9KGI2hEQfWLzDKW5GpgREHCEzMBhjs0uSowJESW0xsdQ&sig=Cg0ArKJSzH1TkR1PVhfpEAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame DF04 17 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame DF04 2 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF04 117 KB
36 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:18 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DF04 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs0T82uwWNLyHZmCvJguly7fn3WgeJ-pmzNjaFpGvs1sv2lv4ZKZY0GZE6aA2rwv-SCGV5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16179709280932849631
tpc.googlesyndication.com/simgad/ Frame DF04 91 KB
91 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16179709280932849631

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4dd098c8464d1a9385f17af4f8d5e1192eb07e7c48237c9788eda0796692fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:04:10 GMT
x-content-type-options: nosniff
age: 332768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93389
x-xss-protection: 0
last-modified: Tue, 30 Apr 2019 07:18:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 May 2022 19:04:10 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B81 0
0 130ms
110ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXcDkmaKdhjRkPQ9F1N7zAQhQBXWkvB_gGe_0NDud9AAzLVoo18YLmXCYI_ZpT82SUaHOPdwcZB3aFLHIMx4q2JQva3ctEPx0B4u1ylvbapZ_fuCBFkdclDb4TYDN3WNGCrMRU-43wCKY3WJoXp1AdF6jyqweK3z7yG_G8ijDvXQYqU8IBTOEKNu5nTdpBrEVewvrlOHS6Kx65_TeD2ZSWaT2rjS1LZOjWvQCbLpLYcjx5MeQI2hVvMGsV_YyFPyGGGaYpSpg7306CM-NjLLJoh4HIrpTA3WuGqjJHGEMJyVGLDSr10zFuxtHUU9Iaz7BI67lfp8DzyWDraVhhsP0rGBMCSc685Jc&sai=AMfl-YSMcUk5OtHqURfoar3WdDIOEt-RSKfolBwPy_fFjrgQTpF1Z4UcKDeyyqvub_t_-7IJCSBr74H3RFmjI-X63m_nPKMLAUVvlZ5NGw-0Aza_qD4jSghIQ-ZV_gZoB7c&sig=Cg0ArKJSzFWYDV1bnV9YEAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 7B81 17 KB
7 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 7B81 2 KB
1 KB 64ms
48ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B81 117 KB
36 KB 94ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:18 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7B81 0
0 104ms
88ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuDFeOE9kz7Yuws-vvBKAUhXtqhCHxr--7PjwtBShH1hrJ9IKndwYZfWDZMCsuXwKAHVyE
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 17300367024132577935
tpc.googlesyndication.com/simgad/ Frame 7B81 357 KB
357 KB 64ms
48ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17300367024132577935

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af0cbefe42cad58f298485059530b3ce16930e3274429d6a9371689495c0ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 08:17:46 GMT
x-content-type-options: nosniff
age: 371552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 365253
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 08:02:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 May 2022 08:17:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5603 0
0 81ms
78ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbBIyMQM8Dyp7cAcCuceblKURUpX4n-BNk3uPzgabFyijD9Rv5FVu32nzAbLdqlrL_zG3ecjegdTz6Dne500GT1nv9-1-t_-7xwMfW5GOXjgeGbkHLk2aZVPirYxtofvuZPY51UHn9ZVZIMh0ahzIOFm7UFlsKX9pbMCSskmdz2PxaePEb10f4N_T3EKNtGdklZKXjBMVXRL07ALINQxBwD0dEbqvd6UkTcfwq7tE8y5zt7raxdi9YhkXee8tOO0A-GJesdT_A5gnsloa-KXUjLsSFoUhDabD-n2qEVOJcQYQyctVoTosCazkC2vvhwZoEZD6bHxqHdIK9i0wQotscMHf4WG2cJq6Ux3eeVf0&sai=AMfl-YT5p4NZWN_TVPvAC4C_fOLU4hZ5swhGr9thT7Urxy0vUzWbAwcLKVYqpddwSHYbUZg2hwVJMtAinHe6lI9DilpdckxrmLhh5oJr1c3JT7K1yRZDUbKo0xXbuyu99pU&sig=Cg0ArKJSzPbuMzAj41CBEAE&urlfix=1&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame 5603 10 KB
4 KB 45ms
43ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Tue, 18 May 2021 15:30:18 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5603 117 KB
36 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:18 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F2B 0
0 68ms
66ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ4z6xgFWrQsli2bRIuRrCCP3o7wJrWVMI8useK9MEtHCGIItxax2MMEVM6V8NqPM36F6-dnOxu8X85T3TnEYCvluksS42HzpTRB0ltCeSHDWRSLbez6mbwdOWaUCdjKlbVUa1ci7eyjPluQcIL2RWhHK47UfejH2dHimzz06Da-aIyAPeGNNm4e5WK0ApqPknN4ey8f3NhSPoovQBy2vgh4uTN1VhGoNu9-87gV-ai7ZFqoOcjqqdYqTIhDsGl5Vs5vGn3z8WkxKRoTW1SL1AwJWbh52NBFxgDMaijhoUZ4TZEbVo4scPj-5nQ9tp6Bq1wYKuPRWGh6a98-upFTUUTN887Wrm5xk&sai=AMfl-YSQK1gsRq_B3eP3QcnNTYJxyZo0FXL2I0VLv7nb_s9rik583GCyB1Xpd1LNw55AeK1aW_CRXgxYpeuRNDpxfonq97biccBrQFAhPSQicH7LlshMNrhDHVuqevW1mDUB&sig=Cg0ArKJSzFeZRlXVgIa_EAE&adurl=

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 2F2B 17 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 2F2B 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F2B 117 KB
36 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:19 GMT

GET
H2 200 16380117264865620602
tpc.googlesyndication.com/simgad/ Frame 2F2B 312 KB
312 KB 9ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16380117264865620602

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b064b73f1b1b8a688aff47a2b3fb5aad9fd790dba33c8b606b761aac604b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:53:54 GMT
x-content-type-options: nosniff
age: 102985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 319174
x-xss-protection: 0
last-modified: Fri, 22 Jan 2021 04:05:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 10:53:54 GMT

POST
H2 204 bulk Show response
trc.taboola.com/freemalaysiatoday/log/3/ 0
316 B 114ms
104ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/freemalaysiatoday/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 75
pragma: no-cache
date: Mon, 17 May 2021 15:30:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1621265419.044155,VS0,VE75
x-served-by: cache-hhn11529-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 / Show response
analytics2.m2.ai/ 138 B
434 B 215ms
29ms XHR
application/json 35.156.250.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/?device=desktop&publisher=73004400

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.freemalaysiatoday.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

97dfa85226983727645d4a944d31a9b8da914b9280b8fa8e81f377565835f44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:19 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2
access-control-allow-credentials: true
vary: Origin
content-length: 138
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
analytics2.m2.ai/ 2 B
351 B 459ms
296ms XHR
text/plain 35.156.250.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.freemalaysiatoday.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 May 2021 15:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 stream
analytics2.m2.ai/ 0
0 177ms
35ms Ping
text/plain 35.156.250.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics2.m2.ai/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.freemalaysiatoday.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
access-control-expose-headers: X-M2
access-control-allow-credentials: true

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C55 0
0 73ms
65ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY0s8Fm3Q1s24QZ_EEDmOa-JcmrEXDzshq226-gnmn2FDXB4KT0p9DWNPKwIah1tbBqpVkn-sgpyk1CyzeGkAzmBWdTmja-UT-1xToZRIbU7YvmJsbQ12vbJGz7tfkhcz5w9VsPudZJg2HXXlTYZk61ZgVzIy7hRdTtwMLQtpB7PqAKJ3MGKNPEAfD0TUg4jns6WQHbVs6qRHLgZggRfVeNNXzckz8ZxPDOPlf3DNNxRx6m8y5hEUdGPs-VnwIky6AxCmsh1SLYApQC0abRS1SWBMqffOmUnlD5XCo8QD4NNo-Z5R6dn1aYQo8V_Vov61SJ9lrSXy9ucKPt9nyOUKSffprYEeMSTHkumE4NqE&sai=AMfl-YQgdXDcnf15zP9sn0JWdGYZnBGWFjs4KntGdoaI2vMwpPaB8P4nInHXLdekgeHehuD5aHXI3TvNAmJ-6iiMVCP7vDYZgRXsmpu-zNwNtzmmw2OEKgQ8jSFcYAmih0ev&sig=Cg0ArKJSzIQlh2xRWN2OEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0991 15 KB
16 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 345290
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 13 May 2022 15:35:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0991 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.blokchaln.com.protect-user-account.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 126416
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 16 May 2022 04:23:23 GMT

GET
H2 200 container.html Show response
19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF83 6 KB
3 KB 36ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 17 May 2021 15:30:14 GMT
expires: Tue, 17 May 2022 15:30:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 6
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9683
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e&tbid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c&query=taboola_hm%3D11bfef14-cade-...

0
76 B

42ms
38ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e&tbid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c&query=taboola_hm%3D11bfef14-cade-4406-a1fc-da8fb4686b0e&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1621265421.196233,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11bfef14-cade-4406-a1fc-da8fb4686b0e&tbid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c&query=taboola_hm%3D11bfef14-cade-4406-a1fc-da8fb4686b0e&isDirect=0
tbl-x-upstream: 10.41.12.133:10213
date: Mon, 17 May 2021 15:30:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12858

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 9683
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=

43 B
180 B

28ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:20 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=
date: Mon, 17 May 2021 15:30:20 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 9683 42 B
233 B 507ms
103ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:20 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9683 0
239 B 508ms
31ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 9683
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qSsT7GnQssJY&ev=1&orig=trc&pid=562107

0
217 B

32ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qSsT7GnQssJY&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Mon, 17 May 2021 15:30:20 GMT
server: nginx
x-fastly-to-nlb-rtt: 12864

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qSsT7GnQssJY&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-8r8vb
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 9683 43 B
694 B 649ms
247ms Image
image/gif 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:20 GMT
X-Proxy-Origin: 89.40.183.22; 89.40.183.22; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.180:80
AN-X-Request-Uuid: 3de256c2-fa29-423f-830d-da35a5422bf1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9683
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELSkpRJ_Tisb6p6eJ0ZTp9c&google_cver=1

0
210 B

86ms
86ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELSkpRJ_Tisb6p6eJ0ZTp9c&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Mon, 17 May 2021 15:30:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1621265421.944753,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11529-HHN

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELSkpRJ_Tisb6p6eJ0ZTp9c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9683 42 B
548 B 1185ms
48ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:2239
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c

170 B
188 B

74ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c
tbl-x-upstream: 10.41.22.84:10213
date: Mon, 17 May 2021 15:30:20 GMT
server: nginx
x-fastly-to-nlb-rtt: 12936

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9683
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef451100-c143-4de8-b52e-5d4855de76f4

0
186 B

99ms
93ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef451100-c143-4de8-b52e-5d4855de76f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 61
date: Mon, 17 May 2021 15:30:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1621265421.100340,VS0,VE61
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11529-HHN

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef451100-c143-4de8-b52e-5d4855de76f4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 9683
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

61ms
46ms

Image
text/plain

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 9683 49 B
333 B 120ms
111ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-8r8vb
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9683 43 B
697 B 123ms
31ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:20 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 9683 0
59 B 279ms
66ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:20 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9683
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=09971ae8-3876-40b4-b965-7dfa489f9d4d

0
227 B

34ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=09971ae8-3876-40b4-b965-7dfa489f9d4d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Mon, 17 May 2021 15:30:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 18213

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Mon, 17 May 2021 15:30:21 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=09971ae8-3876-40b4-b965-7dfa489f9d4d
cache-control: no-cache
server-processing-duration-in-ticks: 3657
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 17 May 2021 00:00:00 GMT

GET
H/1.1

200

2.gif
id5-sync.com/cq/464/100/6/ Frame 9683
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&gdpr=1&gdpr_consent=
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=21227561
https://id5-sync.com/cq/464/100/6/2.gif?puid=HTWrLO0kjvQDDTnlphoOrO&gdpr=1&gdpr_consent=

43 B
1 KB

67ms
55ms

Image
image/gif

51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/464/100/6/2.gif?puid=HTWrLO0kjvQDDTnlphoOrO&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:20 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:22 GMT
via: 1.1 google
last-modified: Mon, 17 May 2021 15:30:22 GMT
server: nginx/1.12.0
location: https://id5-sync.com/cq/464/100/6/2.gif?puid=HTWrLO0kjvQDDTnlphoOrO&gdpr=1&gdpr_consent=
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 9683
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=EPuRqrSzAXyskdHeDYyiYA

0
219 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=EPuRqrSzAXyskdHeDYyiYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Mon, 17 May 2021 15:30:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 16380

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=EPuRqrSzAXyskdHeDYyiYA
date: Mon, 17 May 2021 15:30:21 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9683 35 B
380 B 426ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Mon, 17 May 2021 15:29:38 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9683
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=872a4224-3784-5289-b82a-5374d888df79&ssp=taboola&expires=30&user_group=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=872a4224-3784-5289-b82a-5374d888df79&ssp=taboola&expires=30&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82500176-5d07-4e22-979b-479ef2ffa6d0

0
228 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82500176-5d07-4e22-979b-479ef2ffa6d0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Mon, 17 May 2021 15:30:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 15914

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82500176-5d07-4e22-979b-479ef2ffa6d0
date: Mon, 17 May 2021 15:30:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 44ms
36ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding: gzip
etag: "fe3141b1cffc47b284c82d96b098b304"
age: 1401
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1181
x-amz-id-2: i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by: cache-hhn11529-HHN
last-modified: Wed, 10 Mar 2021 13:27:13 GMT
server: AmazonS3
x-timer: S1621265421.133804,VS0,VE0
date: Mon, 17 May 2021 15:30:21 GMT
vary: Accept-Encoding
x-amz-request-id: 8G72GPESSN3T79N7
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 11
x-cache-hits: 25403

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
660 B 261ms
259ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 28492
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11529-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1621265421.390258,VS0,VE0
date: Mon, 17 May 2021 15:30:21 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 11
x-cache-hits: 71606

GET
H2 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 554D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 14:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 17 May 2022 14:53:17 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF04 0
0 94ms
93ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9kX7KcuYqheBRBFxGIHDxgO0tgoRYzPzpVXZ_GIzv23gOEIx7kXYuZUhs_gnfHdI6Wr2WGbZKSqRDuJ_HPCUuuPqDL9itaZBkDLf2JBruJgDz_8ieopp8hidmZT_eT0JEueN3UYrfItaUbOXqackh401uDIfXHUA1jfyoMqLAvm5MjZsuFg9xzXWe12QN-p_VizXLWcNoiJVjAoXglYKDdhL4P8izPoLrvMrR6WdkxwiWn3wjgoeNNfRQToCOm19fC2MaMnBEjcXd8HTq_7-QaFgmi5hsdCawzQretsfEjHtfC3-Pm4PLf0MnZVZzaamkImTOd3nKKU7RIzOjx7rGci4Ckgv93vYauuUGuqksZw&sai=AMfl-YRaHAPoa59ImZmHsXQSo-bEPMxX-kS-FmnuBsXDKokTL-IDhmD7iHH3XfzAyG6FmINgc2Z97wi2s7DKLOj4wrjVroJUZ9RZ6g4H6DK3tYBzxeGlUcJw_dDFVv-hvLM&sig=Cg0ArKJSzHiwKykHbdHJEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:20 GMT

GET
DATA 200
OK truncated
/ Frame DF04 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 805039857b89485ecc294968255183a67850b920cc745e297d0762de72dc90ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B81 0
0 70ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumqkzgFxcQ5VKbEi8JV4w184TPdOGOq94AxMtjdHPI7yyk4aSmucBQXEdsbMlezw-gJdXfipXtuplsYddT9sovJz3Q4qYv3AY8BOEnr7g8xl1RtyKmqMHqb9K1ogpGAjxq09sm8KO7wN1Uj1oL5bh4BHQeCqM0_HNNOpEak8edkaKi7t0ILbEkb3EWM9-UPTCpQeKP-nhkeGHyvfRKhDb7xEFUPWTzbBc2NJdGunb2ZY7AUCpyT4A_oiF1el3ljIo5ZUf3kSfttIAOZjeAy2swS_ovsX4F_Qkc8ufc0VBdX-UB2ixpNjSSWdzalU8dKu3egsHrFpVKnjPubByr3F0VrVfkaMVUP0oTDQ&sai=AMfl-YTnuHZRfVe3NMlopBICFcISook7kWdAWsHWZmgsgMqgb6Hr1byrvqpsAval1XOrOJOcW7--4PKd0EVVhGB9aDW1uUyEdFhvI5YPkq2EioYJZLmG2Tzdg7KEe-yQmJw&sig=Cg0ArKJSzCThnDoEBbdEEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:20 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 33DB 955 B
702 B 144ms
43ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 17 May 2021 15:30:20 GMT
via: 1.1 varnish
x-served-by: cache-fra19127-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1621265421.759808,VS0,VE12
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 44F4 973 B
1 KB 108ms
54ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.blokchaln.com.protect-user-account.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0b238fcb-7a0f-404c-882f-0efebbdec767-tuct79c118c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.blokchaln.com.protect-user-account.com/

Response headers

server: nginx
date: Mon, 17 May 2021 15:30:20 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 792 B
775 B 174ms
92ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=383725&tagid=2077655&crid=4813265&noaop=3&sortOrderType=0&cb=1621265420640&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1227&pt=-1408854553&tz=120&viewable=true&ddast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=4&sd=undefined&dtagid=1330625&dpubid=165547&abtst=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.freemalaysiatoday.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b7c727a1420d88362b1387fd7a3b005d3c64ee0a89af8a34e3ce4cad042c391

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 17 May 2021 15:30:20 GMT
content-encoding: gzip
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
machineid: 1466
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19166-FRA
pragma: no-cache
server: nginx
x-timer: S1621265421.752977,VS0,VE55
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 53ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=31589837&cb=1621265420630&uv=2968&tms=1621265420630&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1621265410705.5527!ts:1621265420630&mntl=4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame 5603 102 B
757 B 935ms
336ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1621265420649&ver=1&pub=51de85ddd068f0bc787691d356176df9&zone=27588&output=js&flash=0&url=login.blokchaln.com.protect-user-account.com&width=300&height=250&vpw=1600&vph=1200&auction=fce8adf-e7cedce
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4b541173e19d83843af11b9b86e86fa9a3e5263d48d401b1d48ffc9e02e76755

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 15:30:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 15:30:21 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 109
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F2B 0
0 78ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVEqDxEFqYZsKGavqUxhX9Lqj12HCxWmWM354cSVjUpvOygQfNl-OG2y9e0BlgCA_ok_NfK9LTWl2G-XlruqAQOye1tLt0hPG8IWgOX55J3uG1-LUbzvAcSGr6nkXpl9uKX8IaLqj8QJrgZdNPuEL1xT86bfD-heV0_Axs_BEXKcXibPEC-eUvk-sQL5_hMw4QtrnJL4ReDwhihRZHiW1yte-v1KYwJx819FI9_KVRv732s7aYROGuJ3uAqkkMDfHZQAdQtdM9U5mdmHhU1FeSoRJIdcGu1McbAWOzM4Ov5mtRxejoAU9J6KlW13_c2L0V7kCE_0Fk8TBHQKP4-IM13uLpZZIPWOuH_A&sai=AMfl-YRJBGGmZpcV7CEV2N97rOK6e2ApfvUL5jHBhhG1w1UsH-slj3g_Jq6z26ZVY2FOXZRYlkP_h4fKT2De1Ew0HeejUam2t2SEyoozWbF5_rGGNpTC6W3TzbEn81DJqj2C&sig=Cg0ArKJSzKs6MHKoipCyEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:20 GMT

GET
DATA 200
OK truncated
/ Frame 2F2B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a32cf3bd7db507fa2db92e0b2d2590c965d993fe7f78b2a0c282a5d809b344fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/ Frame 55D4 5 KB
1 KB 14ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e010e218b64e04bdbde3e2c35c11b67c55800a99db04c8ea0cb58e9d4220db11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4202332729906223417/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1378
date: Tue, 11 May 2021 10:21:52 GMT
expires: Wed, 11 May 2022 10:21:52 GMT
last-modified: Tue, 11 May 2021 07:47:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 536908
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A984 0
0 79ms
65ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFQI6CIyiYMTmHdCY-gac67049u-352K71pC46w2_4R4QASDHn7YrYPuBgICICqAB6vyszgPIAQmpAnWZk741ZbQ-4AIAqAMByAMIqgSKAk_QiGm-JOt8evZkWb3HQ1uWu-YsvUUs2eCpQC4Bv8mMCOOhf2SMu6WiR2mS2N0nXvwOYz1_d2foYXksEEmAZcSRHlViy531n5eDDtUY3yWIoaoy3k6D5nVMiaGzPZKqSmXsR5Fah9QlrWh2dOp8qIxX9jJAOxqq_irtgiGqibRw8-qq6ekglGl8N51Ekzlec8g2iuIKkfqPnIAQsXZSbsRYIOSsGKY82t_AxXIR5YYN0PROCbh7SWp6MYEBP6PvCbuVKH5jdUfkDYzBzl_zOOo_dTiCyxQT3FZ9PuWBenLVyHm71nqUBIMyJOuhEAtGy2-h9LAG8oIWRD96FAC8QPNKclW5jQRJsC-jwASrms740APgBAGSBQQIBBgBkgUECAUYBKAGLoAH_oLTMagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDctgPSCAkIgOGAUBABGB2ACgPICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNDg1MjY0ODY3NjMxNzQzNw&sigh=BUD_3aScEYE&template_id=419
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame A984 17 KB
7 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A984 2 KB
1 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A984 117 KB
36 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A984 13 KB
6 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:28:54 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B9CC 36 KB
12 KB 43ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 922
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 17 May 2021 16:14:58 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0991 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41465
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0991 295 B
326 B 16ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37584
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 18 May 2021 05:03:57 GMT

POST
H2 200 stream Show response
analytics2.m2.ai/ 2 B
351 B 56ms
56ms XHR
text/plain 35.156.250.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/stream?beacon=arinterval

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.freemalaysiatoday.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/ Frame 31A7 5 KB
1 KB 9ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Requested by

Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e010e218b64e04bdbde3e2c35c11b67c55800a99db04c8ea0cb58e9d4220db11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4202332729906223417/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1378
date: Tue, 11 May 2021 10:21:52 GMT
expires: Wed, 11 May 2022 10:21:52 GMT
last-modified: Tue, 11 May 2021 07:47:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 536909
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF83 0
0 67ms
64ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHgUgCYyiYPbZG5OngQfC4KmYB_bvt-diu9aQuOsNv-EeEAEgx5-2K2D7gYCAiAqgAer8rM4DyAEJqQKAC6--p1y0PuACAKgDAcgDCKoEkwJP0I-2U5bj9FfCtYsQPJMnb1-JDZlA5s_G0cCv36fzzFxrlh2UZgh7v1B0Dk-k-PfycDwjQskafol-h1rPntSc_Yvy83_NVAiIY83K1Zgyy-tvzh8poJ2Dc6gr4pMRMP501V5fO8SlMCwGMKHnA_HgH3ZH30zMpVW34xO6NIb16DwuSS4kdF0H3diTLg9kmGNP2Q_nikrhIhqDxHU_PwWMThEOKlD_nymYXpre1AXXn6fRDBmmr3o8n5hvNrL2NW7gdIXsfT0fWcLWMPTs_OMw0T_b07BEVIi2T3GTxvCFo01cqusm9Kv8KkXOmapMrE6X6mpGNeudo3OZ1Uo6qSdurmonjCOvZw1-V3_zda4Ecajn28AEq5rO-NAD4AQBkgUECAQYAZIFBAgFGASgBi6AB_6C0zGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQxdQS0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBgBcBshcaChgIABIUcHViLTQ4NTI2NDg2NzYzMTc0Mzc&sigh=bxFg2aR33Qk&template_id=419
Requested by: Host: login.blokchaln.com.protect-user-account.com
URL: https://login.blokchaln.com.protect-user-account.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame EF83 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:30:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame EF83 2 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:26:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF83 117 KB
36 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 15:30:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame EF83 13 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 15:28:54 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 44F4 43 B
183 B 325ms
94ms Image
image/gif 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 44F4 70 B
264 B 61ms
51ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 44F4 0
125 B 109ms
37ms Script
text/plain 35.156.153.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 44F4
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---

0
227 B

53ms
34ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Mon, 17 May 2021 15:30:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 17522

Redirect headers

Date: Mon, 17 May 2021 15:30:21 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 44F4 43 B
145 B 159ms
149ms Image
image/gif 3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 55D4 9 KB
3 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 55D4 26 KB
10 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:11:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 55D4 87 KB
31 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101980
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 11:10:41 GMT

GET
H3-29 200 vmouse.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 55D4 4 KB
2 KB 17ms
13ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/vmouse.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 jquery.scrollTo.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 55D4 2 KB
1 KB 17ms
12ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/jquery.scrollTo.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 in5.config.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 55D4 44 KB
13 KB 18ms
13ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/in5.config.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b104d9075cbd561f4894f396cff5c19c35f2471acad657b7bcd9ba7b999680e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13741
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 pages.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/css/ Frame 55D4 19 KB
5 KB 15ms
12ms Stylesheet
text/css 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/css/pages.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762278f203f9441f6f95450d1c535a7ccd10f6874b3398ff4aa6572c382f956b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5212
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 loading.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 6 KB
6 KB 18ms
14ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/loading.gif

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_234.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 25 KB
25 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_234.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58855f21e2052ae0981e168263dbad29a0955524fec1c59f65945c8e9e38347d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25328
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_248.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 4 KB
4 KB 52ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_248.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1941a2f6ccef1a4c6ea5daf692dccc0846b92d1f9a02afdcfb7df2b4b3efc4ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4301
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_289.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 16 KB
16 KB 51ms
14ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_289.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e06e944bfc03dccf3ae7d2209c6f5b361112e3e8c2ea240ddd817f67fd8b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16715
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_282.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 8 KB
9 KB 45ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_282.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffb003e130e8f95ffaf1211c357557e75a69f7cd71f9650d3e5bcf8d3940d30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7921
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_339.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 16 KB
16 KB 78ms
42ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_339.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e06e944bfc03dccf3ae7d2209c6f5b361112e3e8c2ea240ddd817f67fd8b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16715
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_361.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 2 KB
2 KB 77ms
42ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_361.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775e2632341b4562f89d16cb230f7254a358847947efbba89a6786ad76245f96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1848
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_411.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 8 KB
8 KB 65ms
30ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_411.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15258b233617a3f2800c287ab93de031c2d8e11e353cf8e2289f830a1fbbde7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7868
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_394.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 1 KB
1 KB 52ms
16ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_394.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9d770fc5e584dda7d657aafe3433cd1d90d53dfc983b036b31800b6a43481b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_399.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 3 KB
3 KB 60ms
25ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_399.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4d03cb952b569e1d0b9922dd1ab748e2554abf345a4e41be6db15be7f3fba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_381.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 778 B
845 B 52ms
18ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_381.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb37b88a1f51e3b8ecdba13c8cd7c5d662245bd492256dea84354625e6d37a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_355.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 3 KB
3 KB 53ms
19ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_355.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4d03cb952b569e1d0b9922dd1ab748e2554abf345a4e41be6db15be7f3fba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 item_242.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 55D4 3 KB
3 KB 61ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_242.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b54fd2e43e7040eeb497019591cf648afb029674cf6b2a5ac213bd70ff81a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3156
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4094 143 B
222 B 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlrVqTAKQyrRqCO6n_WQgMcB284lYSIdUp5uKpepyJjd_27cCL0mfvhIlKWEv4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 17 May 2021 14:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1991
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A984 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e5bb366b99bddd9285c461fe57138e59bc17b4ebb6dee0be03d7269a3b40da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 33DB 70 B
264 B 87ms
55ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 33DB 0
124 B 65ms
34ms Script
text/plain 35.156.153.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 33DB
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---

0
228 B

48ms
33ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Mon, 17 May 2021 15:30:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 17522

Redirect headers

Date: Mon, 17 May 2021 15:30:21 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=cad3bb43-b724-11eb-8f50-1dbc55590406&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 33DB 43 B
145 B 68ms
54ms Image
image/gif 3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9D19 42 B
64 B 45ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuURljyYE5xuOxMSMPuUsY5yCtIHrZn6knM8Vy_ptDOFjSQkWqu6WREPuPXGG-HVycymLqlOHg-DL8v49H3pWblsDZ8dUWu_tr8_5_2SvCftakJZW5Ta_9CVl536A&sai=AMfl-YSt8gpUdti8u1tbHdi3D_UksGcYe7Yt1h81ASUffeLz89iPen4asAHu2DQ6BLAdAWIDxp-wXXdCeDUdsTql-3_GsWI_n1WLXljlozyMIDGfldTzaRFYDn1xlSh1n00&sig=Cg0ArKJSzKf0K6B8jplwEAE&cid=CAASPeRoHYpOYFfrnJPDvceoDHqEN3emwjBxzYhRi44EX7ZhvTRBTS18IWR7NebH0th0vi2GgjUs15eUZsj8ua4&id=ampim&o=315,193&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1196&mtos=0,0,0,1196,1196&tos=0,0,0,1196,0&tfs=3094&tls=4290&g=100&h=100&tt=4290&r=v&avms=ampa&adk=3204544077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t1.taboola.com/ 2 B
197 B 1494ms
838ms XHR
text/html 141.226.124.212
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.212 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8527a891e224136950ff32ca212b45bc93f69fbb801c3b1ebedac52775f99e61

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:23 GMT
last-modified: Thu, 21 Jan 2021 15:58:49 GMT
server: nginx
etag: "6009a4b9-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t2.taboola.com/ 2 B
197 B 732ms
110ms XHR
text/html 141.226.124.240
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.240 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Sun, 24 Jan 2021 15:03:17 GMT
server: nginx
etag: "600d8c35-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t3.taboola.com/ 2 B
197 B 436ms
114ms XHR
text/html 141.226.124.208
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t3.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.208 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Thu, 21 Jan 2021 15:58:42 GMT
server: nginx
etag: "6009a4b2-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t4.taboola.com/ 2 B
197 B 762ms
114ms XHR
text/html 141.226.124.233
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t4.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.233 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 35135aaa6cc23891b40cb3f378c53a17a1127210ce60e125ccf03efcfdaec458

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t5.taboola.com/ 2 B
197 B 550ms
114ms XHR
text/html 141.226.124.194
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t5.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.194 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t6.taboola.com/ 2 B
197 B 909ms
115ms XHR
text/html 141.226.124.213
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t6.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.213 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e629fa6598d732768f7c726b4b621285f9c3b85303900aa912017db7617d8bdb

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Thu, 21 Jan 2021 15:58:50 GMT
server: nginx
etag: "6009a4ba-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t7.taboola.com/ 2 B
197 B 430ms
115ms XHR
text/html 141.226.124.227
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t7.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.227 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t8.taboola.com/ 2 B
197 B 474ms
115ms XHR
text/html 141.226.124.240
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t8.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.240 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:22 GMT
last-modified: Thu, 21 Jan 2021 15:59:33 GMT
server: nginx
etag: "6009a4e5-2"
content-type: text/html
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
pips.taboola.com/ 64 B
260 B 128ms
15ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 15:30:21 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://login.blokchaln.com.protect-user-account.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 5603 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7f4e0d1d7ddbeab87a839fb049ee5e56dd2b128f55184e65d7c8bdaada99b30

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5603 0
0 130ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR_UjGRWVN0h141p_lB3hqrmiT967vPPuswdSj9Y99z_8ohbt4J5E2BXPdJ8gIxJsw10XVRvdP1OEbHoLgysuXvfE6aPViClreSHJ7rSVNry6r4M9V1bcI3ez9qjph2Xqw4KLW1HDmR8JrmPaFmV9nttu6PhK5jZriqTfqcWg5ocV-L_D5IJvPDWXjpUAQBoANV4TRXXdHK_K6LTU43fk2BSFghnEEaoIv3x-_jFKMbwSZgl7h-9Ox0OPoWaSSx8t5pH8dt-zKhWIYB9PN5RRXAjlLNI-DBCVGVyqNeGONZ5WMEvYngY3cAzbmeSh3c6fiBQEef8S-Jfn7p7WTbV_KM1bdSuJQ3sFqvAdaFLTenA&sai=AMfl-YQDxkZMaj_fCgUjpJvKCrX-TykfNBuIThVafcylAvr_gFC41yr_ExVYIld3GlSXYI3olsIvwZ1Q0lSe-BW9oRirwNDXCAZCnrTxP6IeTHWXQ2Tmva302HbLY0eBpd8&sig=Cg0ArKJSzF8K75lJGZktEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 15:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 15:30:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F2B 42 B
108 B 44ms
40ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRf8Cs5gh3fiWZnneR-Phv9Q-WPjppKvey1743YgvyA_mD2KdNFhu8UJ7KutV3vio9uE-znTbtL0N2jc40641G0Nd-XCw8UodFf77Pb2Y&sig=Cg0ArKJSzNaEFwpUApM4EAE&id=lidar2&mcvt=1098&p=775,1022,1375,1322&mtos=0,0,1098,1098,1098&tos=0,0,1098,0,0&v=20210514&bin=7&avms=nio&bs=1600,1200&mc=0.71&app=0&itpl=3&adk=3980488743&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621265419004&dlt=0&rpt=1934&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 25A4 143 B
198 B 12ms
10ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 17 May 2021 14:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1991
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EF83 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f3de3caa9719fb414a4e09ea736bfaed896e30f5c3150042c3464e457657f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 31A7 9 KB
3 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 31A7 26 KB
10 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:11:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 31A7 87 KB
30 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101980
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 11:10:41 GMT

GET
H3-29 200 vmouse.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 31A7 4 KB
2 KB 38ms
35ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/vmouse.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 jquery.scrollTo.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 31A7 2 KB
1 KB 48ms
46ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/jquery.scrollTo.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 in5.config.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/ Frame 31A7 44 KB
13 KB 49ms
46ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/js/in5.config.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b104d9075cbd561f4894f396cff5c19c35f2471acad657b7bcd9ba7b999680e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13741
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 pages.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/css/ Frame 31A7 19 KB
5 KB 28ms
26ms Stylesheet
text/css 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/css/pages.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762278f203f9441f6f95450d1c535a7ccd10f6874b3398ff4aa6572c382f956b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5212
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:52 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:52 GMT

GET
H3-29 200 loading.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 6 KB
6 KB 7ms
7ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/loading.gif

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_234.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 25 KB
25 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_234.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58855f21e2052ae0981e168263dbad29a0955524fec1c59f65945c8e9e38347d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25328
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_248.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 4 KB
4 KB 32ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_248.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1941a2f6ccef1a4c6ea5daf692dccc0846b92d1f9a02afdcfb7df2b4b3efc4ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4301
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_289.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 16 KB
16 KB 41ms
15ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_289.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e06e944bfc03dccf3ae7d2209c6f5b361112e3e8c2ea240ddd817f67fd8b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16715
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_282.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 8 KB
8 KB 37ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_282.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffb003e130e8f95ffaf1211c357557e75a69f7cd71f9650d3e5bcf8d3940d30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7921
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_339.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 16 KB
16 KB 49ms
27ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_339.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e06e944bfc03dccf3ae7d2209c6f5b361112e3e8c2ea240ddd817f67fd8b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16715
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_361.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 2 KB
2 KB 50ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_361.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775e2632341b4562f89d16cb230f7254a358847947efbba89a6786ad76245f96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1848
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_411.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 8 KB
8 KB 50ms
26ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_411.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15258b233617a3f2800c287ab93de031c2d8e11e353cf8e2289f830a1fbbde7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7868
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_394.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 1 KB
1 KB 51ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_394.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9d770fc5e584dda7d657aafe3433cd1d90d53dfc983b036b31800b6a43481b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_399.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 3 KB
3 KB 49ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_399.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4d03cb952b569e1d0b9922dd1ab748e2554abf345a4e41be6db15be7f3fba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_381.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 778 B
809 B 49ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_381.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb37b88a1f51e3b8ecdba13c8cd7c5d662245bd492256dea84354625e6d37a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_355.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 3 KB
3 KB 48ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_355.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4d03cb952b569e1d0b9922dd1ab748e2554abf345a4e41be6db15be7f3fba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H3-29 200 item_242.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/ Frame 31A7 3 KB
3 KB 48ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/assets/images/item_242.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4202332729906223417/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b54fd2e43e7040eeb497019591cf648afb029674cf6b2a5ac213bd70ff81a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 536909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3156
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:39 GMT
server: sffe
date: Tue, 11 May 2021 10:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:21:53 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A83B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

105ms
28ms

Document
text/html

184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7989627&crid=4813265&dast=V7liECFgPENWbieujVLQTENWbieujVLQUAAAAGBjsHHbNbDlYMGm3E22wmm8VqNFsuFqPFcjlYrUZD2JjdcrBi0Ggj3mYz2SxWo9lwMtislpvBcgoOU3aaXJaDWiBrmlx-N6yh6XT4XPd63e93l1leLrfD7HB-ng7T3-Rw3jV-t1_jML18fsvzL3Y5Pa_Lyy8ZTAZ7wWQvmOxFR5dbcPlbzC635617mo5uvevyFvs9DrNbZXJ9HKan3-7WPD-nl9svBwAAAIAHgKS4aIgfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADAADkUgNgFeOBHF9jA7Ly3P6BwDAQwEIAIAABgmAgOFqCQBFU_AJAAAAAAAAAADL____fwxAXvqeDACG3XcPwIMPwANRwWoRIwAAAIAslFuLo0mdUFlUAQAQpFsBXAEABOTpzQsYhwEAABiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKEYV4q0oOiZGbVfQACAtV9AAAA2dQMAeBOACzqCVgwGqyOI4WIyOwAAAIC7____fz2QcO2GC8fMtbKsBiuLyTDcDQeb0cqycZgMg5Fvsz3acp_sg9CN_j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTrtnCtRo51pqRZbYWDSemtcQ0mq1FvsVstZo5d7PNcC16fUy_5caxGA63KBhAthfBRTqRWV4ut8PscH6eDtPf5HBexBLNySKdyC77hms3XDhmrpVlNVhZTIbhbjjYjFaWjcNkGIx8m33DNVu4ViPHWjOyzNai4cS0lphGs7XIt5itVjPnbrYZrkWvj-m33DgWw-G-MZssJrPVaDHbN2aTxWS2Gi1m-w6d4bv6nI3S4e_W8Sm-5XNlLDMfFC6DxXs9WKS1nbBmlJnXFovqt4x8Jlah3-_3-_1-v9_v927MBo_BYJh5tNvE2OXXbH7Ko0URSwSni3QiehlPF7FE8rRIJ8LRyOIxTlaO2co3s1ksDs_MYXINRoPlyDcbLDYTsURpukgneo3D9PL5Lc-_2OX0vC4vv2QwGewFk71gshcdXW7B5W8xu9yet-5pOrr1rstb7Pc4zG6VyfVxmJ5-u1vz_Jxebov6jwy4nIsGc8VwM5dMVgkAAAAAAAAAYAlz5k0AAAAAToOYrVaj3XIBHhptdIFFAAAAAAAAdl8RkQQ7aNpWixs_jjDLy-V2mB3Oz9Nh-psczisDQAxoM2_2TBBrtVrWAAAAAtgAAAAE3Lp5BwjJAQ!&cmcv=&pix=undefined&cb=1621265420631&uv=2968&tms=1621265420631&abt=adh5c-1_vA!insc_vA!spa2_vA!vpr6_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=4&cirid=3790EAF6D73323154691141990554&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 May 2021 15:30:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 17 May 2021 15:30:22 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4094
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

49ms
48ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 15:30:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 16:30:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 15:30:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 15:30:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A83B 30 KB
9 KB 41ms
32ms Script
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 15:30:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38991
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Tue, 18 May 2021 02:20:13 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 25A4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
167 B

41ms
40ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
URL: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 15:30:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 16:30:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 15:30:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 15:30:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A83B 284 B
536 B 127ms
33ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 74ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=722619200445837&bg=!x8SlxIDNAAY59bwoOfU7ACkAdvg8Wma9FL5Xck150l5X8knTeSfbFP-xXipmo1rYzAYrRaJ8mVSfhQIAAAYqUgAAAC9oAQcKAByMHtXIFWPqfJmuxlVAP6CM4pkZwqEUoSfn2nZUmQJiGS0I2is13yTsQzU72LvwgNylP4KlhaVT2hqRrZ8apT3UhrYVpVq8Pd_8ZfOkhkADBuzgakRRobmLZBWTIbIufog468hLjOA4bv-OKL_sOJCQWJHAfNRH7fxue_7epdKZTLbPUS1KHCckoT7pEflJr0KrDsN1LJFSs-6vp_Cgo2cua-wH41a8AgiDgBpV9M0KwGz9iFrCFcvq2-bji4TSeANlDWBZP9ERlHvQp-lsn2QvcekY5z7I78YcgFzrUdsLB7VC-t7nJa7hs7m4U_tJJ7j8jjLnLJDzcCXJX_2IQRCHfzN22hNqSSN9UP4Q-yfe53UwruP1rtRQZ3roJGOXlebea6bEgr4mKyEtoYhhGz9gFmvgljZeki2Akjp8PnGjp-SXsF5Llmc03uo9BRHc93arHL4P1TGkxT4VlWqmcmhocHHBrNc6gf57SENoF_OfpuayYm-tiZ1pvReS7HXruIfDjZdUalcG-EuV6qaQYk-0CFPzqzufdukLd2DnrbqBg2FqV9Bdv7rPBDd22fxdofcPcSYChAZVxTCyfABdV0DlSVehNKJq6l_kVXp6KEKnsOlgP6TA_MQOSugy0R8BhVwgxgG0oFIxVHDH3ZYVtap_hDkkX4yPN9nLOoVKhizfeC7EZktiemypja7794N2tNT0pk73-k8l6S-oJWqxO8EN62s9M5hSi8IzXvCYC_kcbnYsx_bQJxf_ltG9WyfvuGLh98nCVRaxcwo3hBazpr9RtU4JbqXrv8xorJICKSVF_VGSWSyE4ZfOI1uHT9LhvhRIumyBrptLulNU_Dvdo9soGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF83 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH3U_QxM0pfohW9i_OCSM4_mKrI2iT0U4MwnicLH7aKPYZ36O025O6NB9cmh8zJfXm0R01TLPPmSQGc1NUZajsiu5i2J8yUPZGLv45obtmUnOG6DYQAD2c9A4eDg&sai=AMfl-YQVX2j4qIhKhhEd5jEXSfuPagFBBaTWHarZIcxhEA5eeKTooUz_ghO92TgHV-iWKFXMsKMRXi6g1dncEvQosPTcxs-tbIothufO_M3o1QPh5pp54XX2Ett7qtUS30A&sig=Cg0ArKJSzOIS_t8a7gkwEAE&id=lidar2&mcvt=1009&p=487,1022,737,1322&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1144037825&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621265420102&dlt=822&rpt=2&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 487ms
111ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=a56a55d1-3d26-48b4-b446-d71655f97638-tuct79c1188&dnid=1430102902152330&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 17 May 2021 15:30:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 98ms
97ms Image
image/gif 34.197.178.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=freemalaysiatoday.com&p=%2Fcategory%2Fleisure%2F2020%2F02%2F02%2Fthe-problems-with-our-local-education-system%2F&u=DNmNhvpWJPu3MZ3S&d=login.blokchaln.com.protect-user-account.com&g=65124&g0=Highlight%2C%20Lifestyle%2C%20Top%20Lifestyle&g1=School%20Advisor&n=1&f=00001&c=0.25&x=0&m=0&y=6584&o=1600&w=1200&j=30&R=1&W=0&I=0&E=4&e=4&r=&b=2961&t=BTyCVFCXSUfPF9THHBEGkWeCY9nfE&V=126&tz=-120&sn=2&sv=CyoXxcCiAz-LDWaITXMU2wMC6y-tf&sd=1&im=067b0cd3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.178.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-178-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://login.blokchaln.com.protect-user-account.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 15:30:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.freemalaysiatoday.com
URL: https://www.freemalaysiatoday.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16

Domain: www.freemalaysiatoday.com
URL: https://www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1

Domain: www.freemalaysiatoday.com
URL: https://www.freemalaysiatoday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.ttf?1

Domain: www.freemalaysiatoday.com
URL: https://www.freemalaysiatoday.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

331 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.freemalaysiatoday.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2104130153000 https://login.blokchaln.com.protect-user-account.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://login.blokchaln.com.protect-user-account.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://login.blokchaln.com.protect-user-account.com/
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: could not enable debugging from localStorage for error TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: dumping stack Error at Object.pg.crit (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:178800) at asqInit (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:212166) at i.value (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:206901) at i.value (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:207187) at Object._pbChunk.326 (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:215144) at l (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:6215) at Object._pbChunk.326 (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:174096) at l (https://m2d.m2.ai/pg.freemalaysiatoday.js:2:6215) at https://m2d.m2.ai/pg.freemalaysiatoday.js:2:6599 at https://m2d.m2.ai/pg.freemalaysiatoday.js:2:6610
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	error	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: critical error found Error
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://login.blokchaln.com.protect-user-account.com/
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support
console-api	warning	URL: https://m2d.m2.ai/pg.freemalaysiatoday.js(Line 2) Message: no localstorage support

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
19276e3b8073c3801c94ad71143e1435.safeframe.googlesyndication.com
ad.mox.tv
ads.betweendigital.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
analytics2.m2.ai
as.innity.com
bgstats.mox.tv
bh.contextweb.com
bttrack.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.innity.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
count-server.sharethis.com
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
l.sharethis.com
login.blokchaln.com.protect-user-account.com
m2d.m2.ai
match.adsrvr.org
match.taboola.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
rd.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s0.2mdn.net
s3media.freemalaysiatoday.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.chartbeat.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
taboola-supply-partners.tremorhub.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
vidstat.taboola.com
wf.taboola.com
www.freemalaysiatoday.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
www.freemalaysiatoday.com
104.111.224.62
13.224.103.170
13.32.25.98
139.162.84.221
141.226.124.194
141.226.124.208
141.226.124.212
141.226.124.213
141.226.124.227
141.226.124.233
141.226.124.240
141.226.224.32
141.226.228.48
142.250.181.226
142.250.184.226
149.129.240.178
151.101.13.44
167.71.9.19
174.137.133.49
178.250.0.163
18.195.155.181
18.196.131.255
18.198.109.212
184.30.212.16
185.178.208.136
185.29.135.234
185.33.220.243
185.64.190.80
185.86.137.132
185.94.180.125
188.42.191.196
190.2.153.150
192.132.33.46
198.148.27.139
199.232.137.44
204.236.217.48
216.52.2.30
23.79.143.124
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
2600:9000:2057:dc00:1d:85c3:6640:93a1
2600:9000:2057:f400:18:1fcd:34e:d2a1
2600:9000:2156:3000:c:a9b7:ddc0:93a1
2600:9000:2190:800:1c:8a07:5e80:93a1
2600:9000:2190:9400:c:abe:f440:93a1
2606:4700::6810:a823
2606:4700::6812:5a47
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9b
2a04:4e42::300
3.124.251.221
34.197.178.4
35.156.153.71
35.156.250.242
35.190.16.14
35.244.159.8
51.195.5.38
69.173.144.139
76.223.111.131
99.86.2.96
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc
05e93e19d8a669b35e67ebafb28b3329afe8b827813d67475024503582aeeda2
06ab30ab5b187bd75c4ffc488d74f7f2399da3b675ef5a9e9c9597cb1e4058e7
077432caac84d8de33774c45eba0e04cbbf27926ec33e3cf478b60fef30dd1ef
08d2d3c2e723b7b6f2e338ecbd65ecb638193b44f507e3df2f12e87d8a31049a
0958e91e1c45ea3255d36eb3466e45f4f714fc711f2d6acca6fd5820ae079f05
0a4ad6bcb62f6dbd4bdf61347d9e6b7e1576a470a6844049b7aab0e4a4ea76dd
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0ac0b0bb2c86cccb5ec4560e980cc8fe31fb0479eddcaca23c07eb5421b1295f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
0f52d668ce099105b8ef434b6bf9e877fb2e050e97ad1ad1ce99622af6ab3c59
1072d999f07e32def8fc4e0633a79bb0171c43579f429b5098b59855f441bda0
10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9
10b29a73b0234f4449369c6f92f795f0cec7e034360587c2630c68cac99fd35c
12438c0ba99111a720881c2f9c37975329b4cc457122a39229efee127b250ff5
13e52e5d85b65d574e86d7f744fe4a7642d9e245a6098ca2bc6e41c25affc78a
144643677fa783c4ef28117ea544772e95d17b80d39d44a12455908ffa0dc349
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1941a2f6ccef1a4c6ea5daf692dccc0846b92d1f9a02afdcfb7df2b4b3efc4ee
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1dd10fff2c800b3990cd8ee3bfa8959b7803ee0ad034e8debc21beb571082d9e
218304ba854326aa21ddc3a5661591f63bcfb2df27a5e2a357f21250ddcf8c1e
21ad18b79e79fa70b7d49336d0da06e7a9725cf311add68e26fb7691c5c3c6b8
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
227fd670e5f17d730c70e9ac469f9a125cf848b2bca79a47b2a425b15366be72
23a71aa0b2c9ff0510e75457925efc40b9b9596ca1109105cc59ecf872bb2f72
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
274cc9afff56763fe535afc4e6fe03176f5450e21b1c746fda76d8d5b1ddaf6f
2779c2ff3dc9dfbc282392aa3cb5212f6ad6912ee862441d7183da37e5829ef6
2800016a2e6056b1555b6de689a06bf8928f9392322ed3cb33134628483f0d39
294764641ec9a12ef2628971e93131a899de4e2161dce6b580bdefcf61c5491b
2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402
2be8f56a4a70d676b427368242ce718fa41a92dd8ae5d842dac3791d5774d215
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4
3093a4caa25301061ab783ed6f085af6d55f21efcba70c536814bd99c841ca46
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35135aaa6cc23891b40cb3f378c53a17a1127210ce60e125ccf03efcfdaec458
3557494ae96e779cde86ac3d71e253e281536b25322f76de94a6a3b14c36b74b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
3b3081fbd6b5e458edde502df8d6fc235c5e9bd517fc161880f803e6dd5a9ba9
3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a4beb7bb195c6489bf9f6c1ff27c38942f9258ec62f1bfe0a97ffb74de3f96
41e581943d6679297871ff8cf3a21e400d90be941a424b208b031534f7418e59
420f6e4c5921ea30ebed955b1c62f3e09aed67882b93bbcf524cbcb02a615969
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b54fd2e43e7040eeb497019591cf648afb029674cf6b2a5ac213bd70ff81a1
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4949c677e5b332c21db431cd7710c28817452f72fca076e89906a3e8e6b9be2e
4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5
4a8aadad367880ae5621d111873c6636394c4f1dc2d1e81617dc48f7dcd6916c
4b541173e19d83843af11b9b86e86fa9a3e5263d48d401b1d48ffc9e02e76755
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf63af61eae56517944f32094187ba6082c7d29cfaac60064142769f57af1c5
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4d5fc38ebe4cd95f4806919cfdc5720f1545bc6c8b40900cdd3ab66e053d4be3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e74e3abb021a7ddc2d2d3012b40617e80037b8c13ace9b7de26752231eed11b
4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85
50ee03df6468b942dbc8387784597b6e4ac0b90b33249c813a70d571c6f48779
50f37df3a911f69fa5db61519e6becbdfc7a90602cead41bda596cf063539393
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790
53ab9f6113e6663712b0a604bed4abf46b3bee738e5bd12c9439ec71bb287d9f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
548f3de3caa9719fb414a4e09ea736bfaed896e30f5c3150042c3464e457657f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
555612edc550937a131859b74de03bb36489d00176447ae1377422f24de196a8
58855f21e2052ae0981e168263dbad29a0955524fec1c59f65945c8e9e38347d
59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b7c727a1420d88362b1387fd7a3b005d3c64ee0a89af8a34e3ce4cad042c391
5cfee915ca3b52bd2712d8c5b6cc37562f984f0eb1bf713cfa55c07b4ad831ce
5e30226e5f7510a0ca166fcc9752a30cb5d0a088cc38d0e4ad3bf1071509b533
5e34c94e94c508b64d7427222cde11cef9835dfb7aec44874585b6bf50fb8e9b
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
606cb7f4969ded9a1615fca4c0db0847223820d6295527932c1b802170bbe778
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4
648bafc4e157111d2fb4be536e6576bc0b6774d8c54173c60ec032d02c34dbb4
64c015749144df914db71d20cf197ec7a24483683b522c1e58d840b75240b61b
6597b95be4c78428ec5daea476b4e3b523f8ed3b24c1491e382815b8d304d37a
66f5800e7da454fc88c05bf7736e897b3935c3f35f67f46deeb0e81cb1c33053
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497
6d1579f19db9ef3fc36d6f74d011fc11b80e560ad2e5e6e7448387ac8a9816f2
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6ec5dc4b2b7de3e52096921e6206c703b02aa93d62f751a173241b1322ac4093
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
7030ad77d83160d1ea7acf6f38415f54c13e2b7068da847807383ecfce0f0be3
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7348b1f037c43d1f5c24e1aca7d5b4032f7ad1607f49b43d9622faa160029426
736b2cf9370a74c388621d1417d0460ab547f467b96d0c53ac9c1d9af7cdb6fd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
742f075219bcc287114c2524e97111f1f8ee80fb58b3dcd3cf0fcd6cf15855a6
762278f203f9441f6f95450d1c535a7ccd10f6874b3398ff4aa6572c382f956b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
775e2632341b4562f89d16cb230f7254a358847947efbba89a6786ad76245f96
792641a8c7f6cc23be41ea7b8977260961c0ae9c4ea4f744df0a2019720c1af8
7b113e28b52c7741ba36a1723e2063562e018168670f5daa7a5edcf6abf1195b
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7c9d770fc5e584dda7d657aafe3433cd1d90d53dfc983b036b31800b6a43481b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805039857b89485ecc294968255183a67850b920cc745e297d0762de72dc90ea
80e0a4228cb950a517cfdbb3f596c38416c799b3737629f12fdc9449717aadd8
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8527a891e224136950ff32ca212b45bc93f69fbb801c3b1ebedac52775f99e61
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb
8af0cbefe42cad58f298485059530b3ce16930e3274429d6a9371689495c0ce1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
8fbe99cac77c56627e9529552e91498163cb49c395e5dd7e0aa8e24ff07c74e5
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
94e37f1a24a682b88f0212e2514f7e4cd3a2601342aaf332de8dc39ef544c44e
97148294651f71eb2be2e2f84736de37708be96835bf8cbeb6ea96e5b3b21dea
97dfa85226983727645d4a944d31a9b8da914b9280b8fa8e81f377565835f44e
9a764f002370e86e69e4e5ecb3a7570d0a26bce26eae72e2f4f10edcc1bd98c2
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cd2978a5170ef82d56d00d9d44b5a43b0985f196c056d66c2518ae1174bf4fd
9fa9a468b353d73acb7e1465c2e778c10f0e01e1460dd8a33a81b04f2767fd04
9fc8f861ea18038dcdd37278c151005815d0c7643f7c6756a57bd61b9a878d3d
9fe4d03cb952b569e1d0b9922dd1ab748e2554abf345a4e41be6db15be7f3fba
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08106c0e8f35b6d783a7e80d3c8f3302cb63b35f75d51027984065e6bc87eca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a27a440004f20ee36f34f1b8df91b7def4bd4f38b6dfc035386eebfd46128426
a2860023e79d54a40fa385867a8e550eccd87aefbb15ba8ad350ada90ad9dfcc
a32cf3bd7db507fa2db92e0b2d2590c965d993fe7f78b2a0c282a5d809b344fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4dd098c8464d1a9385f17af4f8d5e1192eb07e7c48237c9788eda0796692fa9
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b064b73f1b1b8a688aff47a2b3fb5aad9fd790dba33c8b606b761aac604b2e
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
abe082af249cb695e1a36dd2aa90acce5252b388813599f28769e0b0c80e4207
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aea323a4ce86df0067d515045882ac13899a0982931ef9333132788f3903d6b0
af4739e820dc33d470ce31d25a009182515ba05f39cf05d7525885f63ebedc1b
afb1685687cb26375725910958868bc2f8013315811b0dea0cd4f14e789942bc
b104d9075cbd561f4894f396cff5c19c35f2471acad657b7bcd9ba7b999680e0
b15258b233617a3f2800c287ab93de031c2d8e11e353cf8e2289f830a1fbbde7
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b64c8c687e035d281f152fb3d41a4e17f2e8abae2e2e00ea2ea41180f5778a0a
b6f5b5eed5dff03e34dafdccd285eb976e16ecea22a6cf2e65b610c516894254
b7f4e0d1d7ddbeab87a839fb049ee5e56dd2b128f55184e65d7c8bdaada99b30
b7fe967453ba62a24b35d146052d6c456589a91f6a70bc8473a2de6401f035f1
b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b9006d2b227b622a490a6a579c534565b60413b4b79e0aaf4129716528b836d9
b93d116bdc2efcc0721861b651a65fdd7a7386a05076a614c806eb4fb1330e75
b98f1b0515843ffc311314fba77e1475347d89981a1d966ebdc2db7c99a7515c
b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bbb37b88a1f51e3b8ecdba13c8cd7c5d662245bd492256dea84354625e6d37a3
bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092
c143c60d1524b04549b166b2b82718da055c4a8ea045f845d2273de1ecf80fcc
c266c9ae60ecd1a496c75cc6f4db3a5c4aaaefa38ea56d7ab5780eb37dbe635f
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c4f9c59bbd90fc60bf5b6e12b74567607d0eb8a441853155aaffbbac179fcd6c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c748ac5015026a3db6c59541ff05ce06c318f6ee90da40b66294f8dcd4272fcc
c7e5bb366b99bddd9285c461fe57138e59bc17b4ebb6dee0be03d7269a3b40da
c8f4d1094b1deb1803fa9dd3b7b82dc1b0971bd3a500d5bfae2e1c37e8e8630d
c959ce6d5c94037c54d31e9e9a383bb379e9984ffd91c874db0a0272b053c52f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf42d844c65d7fbd123d4692aab6b72cfdb5ce2d4a820ba7e9e6ebbd18118f3d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d335bed5316c5376b52fc17010f040e4f3ec93d3aa92eefade53da11b662cde3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d991550839b9f9a51020e55179a9b65c54eeb315536ff71df338dae4f7531286
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7e34f504846de6ae6931a551beb8695ec9dc032989ce4f9a371644c0d5352a
e010e218b64e04bdbde3e2c35c11b67c55800a99db04c8ea0cb58e9d4220db11
e1a07847a33cc6fdff539055f36dc3a60369b47ffb367a18b8ccf63c4efc7c0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d046bd136afc33dba78a850ec7861aae3adc1d28b525efd5cef30d31c98433
e477d76903bf135fdfd884e2967a30f783e3a44d6e3f621636cd9e526f0dc1da
e478af26d292656393aacd8774b4474bd33a71e3758c81bbe3edebb49ede388c
e49e85b112effb34dcdd21d5ed973000d4acf7507d4d1c22b7f357d76180c97c
e629fa6598d732768f7c726b4b621285f9c3b85303900aa912017db7617d8bdb
e7148017a9d12a6eb01bb644e4426af2d7fc30d26a187e9b23b4209cb4bc96b6
e721d68e017b139b4ce179fc81c1687116bab4155828db0e2450f51960be9de7
e801bde8ed3cf27930e000c21ebc76ad916e839d5ac922116d20c38b2f36eaec
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ed575d7b4af685ce5b0b384864d3111107352560fd33c0d1b88b54f9d11ba4ce
ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f625425a445a0c29242f527ae55b3627d0b87c8366d495224c5bf01cf7c2d599
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f70e06e944bfc03dccf3ae7d2209c6f5b361112e3e8c2ea240ddd817f67fd8b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f84484a6fcf97a77906921b62e1c83ab13b7fa1f0c06cfe4c13a9dc2478391e4
f9735356210677c844757cf7554eaaea1aa1436686d9d0e019b3a07d8285f73e
fbbc2b387e01d0bb039f72e4135f66fe9759b8042f4409287a91f3fe4992ba84
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ffdc62228b7a80c7eca49e5fae17e3991490635a048eb90f9ef9cc6156c3fa1a
fffb003e130e8f95ffaf1211c357557e75a69f7cd71f9650d3e5bcf8d3940d30

login.blokchaln.com.protect-user-account.com Open in urlscan Pro 185.178.208.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

398 Requests

95 %HTTPS

37 %IPv6

48 Domains

89 Subdomains

69 IPs

11 Countries

6045 kBTransfer

13223 kBSize

0 Cookies

105 Outgoing links

Redirected requests

398 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.blokchaln.com.protect-user-account.com Open in urlscan Pro
185.178.208.136 Public Scan

Screenshot
Live screenshot

Full Image

398
Requests

95 %
HTTPS

37 %
IPv6

48
Domains

89
Subdomains

69
IPs

11
Countries

6045 kB
Transfer

13223 kB
Size

0
Cookies

398 HTTP transactions
0 data transactions