urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com.my Open in urlscan Pro
18.173.233.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Submission: On December 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 144 IPs in 14 countries across 99 domains to perform 727 HTTP transactions. The main IP is 18.173.233.11, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com.my. The Cisco Umbrella rank of the primary domain is 162851.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 17th 2023. Valid for: a year.
This is the only time www.thestar.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.173.233.11 16509 (AMAZON-02)
95 18.66.248.40 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.64.162.56 16625 (AKAMAI-AS)
1 13.32.27.80 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
2 52.219.164.46 16509 (AMAZON-02)
42 18.66.97.44 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
9 23.35.237.86 16625 (AKAMAI-AS)
16 52.219.164.10 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:211... 16509 (AMAZON-02)
2 2.19.105.180 16625 (AKAMAI-AS)
14 2a00:1450:400... 15169 (GOOGLE)
1 108.138.26.16 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 3.121.91.255 16509 (AMAZON-02)
21 2a00:1450:400... 15169 (GOOGLE)
11 185.64.190.82 62713 (AS-PUBMATIC)
4 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.228.188.75 16509 (AMAZON-02)
3 167.235.124.23 24940 (HETZNER-AS)
10 185.64.189.112 62713 (AS-PUBMATIC)
5 2602:803:c003... 26667 (RUBICONPR...)
7 35.227.252.103 15169 (GOOGLE)
1 13 2.19.217.101 16625 (AKAMAI-AS)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
2 65.9.66.68 16509 (AMAZON-02)
1 2600:9000:244... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 146.75.118.132 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
2 18.65.39.29 16509 (AMAZON-02)
1 95.101.54.219 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:215... 16509 (AMAZON-02)
4 34.98.64.218 396982 (GOOGLE-CL...)
2 2.19.217.60 16625 (AKAMAI-AS)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 162.19.138.82 16276 (OVH)
1 104.244.42.136 13414 (TWITTER)
4 198.47.127.19 62713 (AS-PUBMATIC)
3 167.235.124.59 24940 (HETZNER-AS)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
2 52.19.8.73 16509 (AMAZON-02)
3 64.202.112.223 23352 (SERVERCEN...)
7 2.18.161.178 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
1 2407:c080:140... 55990 (HWCSNET H...)
2 2a00:1450:400... 15169 (GOOGLE)
2 65.1.255.177 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:20b... 16509 (AMAZON-02)
7 3.7.132.159 16509 (AMAZON-02)
2 64.202.112.255 23352 (SERVERCEN...)
1 69.173.144.165 26667 (RUBICONPR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
59 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 18.238.243.65 16509 (AMAZON-02)
1 2600:9000:238... 16509 (AMAZON-02)
3 2a03:2880:f17... 32934 (FACEBOOK)
14 47 142.250.185.194 15169 (GOOGLE)
10 14 172.64.151.101 13335 (CLOUDFLAR...)
5 11 37.252.171.149 29990 (ASN-APPNEX)
1 144.76.128.227 24940 (HETZNER-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 52.222.208.154 16509 (AMAZON-02)
1 151.101.3.52 54113 (FASTLY)
2 34.107.231.31 396982 (GOOGLE-CL...)
1 3.71.149.231 16509 (AMAZON-02)
2 2600:1901:0:3... 396982 (GOOGLE-CL...)
4 142.250.181.230 15169 (GOOGLE)
17 138.201.63.157 24940 (HETZNER-AS)
2 35.244.159.8 396982 (GOOGLE-CL...)
1 99.86.4.128 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
3 2.18.161.51 16625 (AKAMAI-AS)
1 5 88.99.219.174 24940 (HETZNER-AS)
1 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 4 78.46.90.238 24940 (HETZNER-AS)
1 4 138.201.63.145 24940 (HETZNER-AS)
13 2a00:1450:400... 15169 (GOOGLE)
1 4 138.201.220.30 24940 (HETZNER-AS)
1 2 46.228.164.11 56396 (AMOBEE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 178.250.1.9 44788 (ASN-CRITE...)
3 3 46.228.174.117 56396 (AMOBEE)
1 1 35.214.237.47 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 142.250.185.66 15169 (GOOGLE)
1 199.127.206.103 26120 (RHYTHMONE)
1 54.170.64.73 16509 (AMAZON-02)
2 3.33.220.150 16509 (AMAZON-02)
4 8 2a01:4f8:d0a:... 24940 (HETZNER-AS)
4 167.233.14.134 24940 (HETZNER-AS)
8 91.121.248.44 16276 (OVH)
4 2a0b:4d07:102::1 44239 (PROINITY ...)
4 13.42.211.181 16509 (AMAZON-02)
4 8 216.58.206.38 15169 (GOOGLE)
4 4 94.23.99.218 16276 (OVH)
2 2 52.29.13.21 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
4 4 85.114.159.118 24961 (MYLOC-AS ...)
1 2600:9000:211... 16509 (AMAZON-02)
1 81.17.55.171 60781 (LEASEWEB-...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.2.49 54113 (FASTLY)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 4 51.89.9.252 16276 (OVH)
1 54.74.86.123 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 18.66.147.98 16509 (AMAZON-02)
4 18.239.50.87 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 18.194.200.250 16509 (AMAZON-02)
1 172.240.127.131 7979 (SERVERS-COM)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 147.75.84.158 54825 (PACKET)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.88.17.186 24940 (HETZNER-AS)
1 35.156.170.234 16509 (AMAZON-02)
1 2607:4f00:932::2 55081 (24SHELLS)
1 81.17.55.99 60781 (LEASEWEB-...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 3 216.52.2.48 30282 (AS-INAPCD...)
1 185.106.140.18 7979 (SERVERS-COM)
1 192.96.203.13 30633 (LEASEWEB-...)
1 23.56.205.163 16625 (AKAMAI-AS)
2 3.124.69.248 16509 (AMAZON-02)
2 2 213.155.156.182 1299 (TWELVE99 ...)
2 2 76.223.111.18 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 3.10.29.13 16509 (AMAZON-02)
2 89.149.192.200 60781 (LEASEWEB-...)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 37.157.2.229 198622 (ADFORM)
727 144
7    18.173.233.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-11.dus51.r.cloudfront.net
www.thestar.com.my
95    18.66.248.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-40.dus51.r.cloudfront.net
cdn.thestar.com.my
6    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
experience-ap.piano.io
c2-ap.piano.io
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.64.162.56 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-162-56.deploy.static.akamaitechnologies.com
s7.addthis.com
1    13.32.27.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-80.fra56.r.cloudfront.net
platform-api.sharethis.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    52.219.164.46 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com
s3.ap-southeast-1.amazonaws.com
42    18.66.97.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-44.fra56.r.cloudfront.net
apicms.thestar.com.my
12    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
amplify.outbrain.com
wave.outbrain.com
16    52.219.164.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com
s3-ap-southeast-1.amazonaws.com
2    2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
1    2600:9000:211e:a400:1c:47d:4bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tw.netcore.co.in
2    2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    108.138.26.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-16.fra56.r.cloudfront.net
code.piano.io
1    2600:9000:206f:1000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.121.91.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-91-255.eu-central-1.compute.amazonaws.com
l.sharethis.com
21    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
11    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
t.pubmatic.com
4    2a02:26f0:ab00:3b7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.228.188.75 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
sites.thestar.com.my
3    167.235.124.23 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0001.cxense.com
api.cxense.com
10    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
13    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2447:200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
10    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.65.39.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-29.ams1.r.cloudfront.net
sb.scorecardresearch.com
1    95.101.54.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-219.deploy.static.akamaitechnologies.com
osjs.netcoresmartech.com
8    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
bab501f6df12691399357203768b8482.safeframe.googlesyndication.com
6    2600:9000:2156:4c00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
starmediagroup-d.openx.net
google-bidout-d.openx.net
us-u.openx.net
2    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
7    2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com
images.outbrainimg.com
7    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:4400::ac40:944b (United States)

ASN13335 (CLOUDFLARENET, US)
52a360d4000447a08efd7617080680a9.js.ubembed.com
1    2600:1901:0:7a38::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
j93557g.com
1    2407:c080:1400:32:bfa9:8b32:ac66:a3f (Beijing, China)

ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
dtm-drcn.platform.hicloud.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    65.1.255.177 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-65-1-255-177.ap-south-1.compute.amazonaws.com
twa.netcoresmartech.com
2    2a02:26f0:3500:12::1730:17bd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdnt.netcoresmartech.com
1    2600:9000:20b4:f200:9:a948:8e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.boxx.ai
7    3.7.132.159 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
psegment.netcoresmartech.com
2    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
12    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
59    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
27    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.238.243.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-65.ams58.r.cloudfront.net
assets.ubembed.com
1    2600:9000:238d:600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
47    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
14    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
11    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    144.76.128.227 (Kürten, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap16.adplayer.pro
serving.stat-rock.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.3.52 (United States)

ASN54113 (FASTLY, US)
rtbpass-us.andbeyond.media
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2600:1901:0:328a::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
handyfireman.com
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
17    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal9000.redintelligence.net
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2600:9000:236e:7c00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
3    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t.teads.tv
5    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
4    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
4    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
13    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.214.237.47 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 47.237.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:4400::ac40:915f (United States)

ASN13335 (CLOUDFLARENET, US)
video.unrulymedia.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    199.127.206.103 (United States)

ASN26120 (RHYTHMONE, US)
aniview-diag-server.1rx.io
1    54.170.64.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    2a01:4f8:d0a:2321::2 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
4    167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
8    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
4    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    13.42.211.181 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-211-181.eu-west-2.compute.amazonaws.com
track.webgains.com
8    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
5994599.fls.doubleclick.net
4    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    52.29.13.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2600:9000:211e:aa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    54.74.86.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-86-123.eu-west-1.compute.amazonaws.com
match.360yield.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
4    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
4    18.239.50.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-87.ams58.r.cloudfront.net
cdn.track.production.webgains.team
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    18.194.200.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    172.240.127.131 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
1    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
1    35.156.170.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-170-234.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg-apac.smartadserver.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
2    3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
buy-ap.piano.io
8    3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
api.webgains.io
2    89.149.192.200 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
Apex Domain
Subdomains		 Transfer
145 thestar.com.my
www.thestar.com.my — Cisco Umbrella Rank: 162851
cdn.thestar.com.my — Cisco Umbrella Rank: 146335
apicms.thestar.com.my — Cisco Umbrella Rank: 100163
sites.thestar.com.my — Cisco Umbrella Rank: 220294
2 MB
97 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422
618 KB
94 googlesyndication.com
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
bab501f6df12691399357203768b8482.safeframe.googlesyndication.com
648 KB
34 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal900029.redintelligence.net — Cisco Umbrella Rank: 261914
hal900019.redintelligence.net — Cisco Umbrella Rank: 277154
hal900010.redintelligence.net — Cisco Umbrella Rank: 243345
hal900016.redintelligence.net — Cisco Umbrella Rank: 185856
370 KB
27 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
ut.pubmatic.com — Cisco Umbrella Rank: 7777
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
t.pubmatic.com — Cisco Umbrella Rank: 3146
159 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
716 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
adservice.google.com — Cisco Umbrella Rank: 93
36 KB
18 amazonaws.com
s3.ap-southeast-1.amazonaws.com
s3-ap-southeast-1.amazonaws.com
484 KB
16 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
sync.teads.tv — Cisco Umbrella Rank: 1299
t.teads.tv — Cisco Umbrella Rank: 2635
139 KB
15 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
starmediagroup-d.openx.net — Cisco Umbrella Rank: 331986
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
2 KB
15 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2138
widget-pixels.outbrain.com — Cisco Umbrella Rank: 4308
mv.outbrain.com — Cisco Umbrella Rank: 2682
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7106
amplify.outbrain.com — Cisco Umbrella Rank: 2795
tr.outbrain.com — Cisco Umbrella Rank: 2619
wave.outbrain.com — Cisco Umbrella Rank: 2771
122 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
10 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
236 KB
12 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
75 KB
12 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
medialead.de — Cisco Umbrella Rank: 46843
3 KB
12 netcoresmartech.com
osjs.netcoresmartech.com — Cisco Umbrella Rank: 55989
twa.netcoresmartech.com — Cisco Umbrella Rank: 37009
cdnt.netcoresmartech.com — Cisco Umbrella Rank: 41802
psegment.netcoresmartech.com — Cisco Umbrella Rank: 65474
76 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
8 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
791 KB
10 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5183
api.cxense.com — Cisco Umbrella Rank: 7965
p1cluster.cxense.com — Cisco Umbrella Rank: 9278
comcluster.cxense.com — Cisco Umbrella Rank: 4661
id.cxense.com — Cisco Umbrella Rank: 10741
84 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
19 KB
9 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4380
buttons-config.sharethis.com — Cisco Umbrella Rank: 4860
l.sharethis.com — Cisco Umbrella Rank: 4541
platform-cdn.sharethis.com — Cisco Umbrella Rank: 9179
53 KB
8 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 164531
22 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
510 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
bidder.criteo.com — Cisco Umbrella Rank: 776
9 KB
7 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2858
163 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 340
35 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
250 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
25 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
4 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
10 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
1 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10220
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
711 B
4 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
2 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
7 KB
4 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 128498
4 KB
4 futalis.de
futalis.de — Cisco Umbrella Rank: 305788
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
72 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
67 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
46 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
39 KB
4 piano.io
experience-ap.piano.io — Cisco Umbrella Rank: 94353
code.piano.io — Cisco Umbrella Rank: 46228
c2-ap.piano.io — Cisco Umbrella Rank: 86409
buy-ap.piano.io — Cisco Umbrella Rank: 89123
110 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
a.ad.gt — Cisco Umbrella Rank: 1869
4 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
aniview-diag-server.1rx.io — Cisco Umbrella Rank: 23404
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
247 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
74 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1549
132 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
645 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
572 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
video.unrulymedia.com — Cisco Umbrella Rank: 20397
8 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
796 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 handyfireman.com
handyfireman.com — Cisco Umbrella Rank: 240292
902 B
2 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24966
4 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 ubembed.com
52a360d4000447a08efd7617080680a9.js.ubembed.com — Cisco Umbrella Rank: 234635
assets.ubembed.com — Cisco Umbrella Rank: 11732
49 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 queryly.com
www.queryly.com — Cisco Umbrella Rank: 11671
11 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
715 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
278 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
704 B
1 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 30104
180 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9875
2 KB
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4825
1 KB
1 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4065
254 B
1 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 22777
933 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
354 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
658 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
891 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 1765
199 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
542 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
235 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
610 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
417 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1790
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 22565
3 KB
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
125 B
1 andbeyond.media
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 44757
189 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 26379
396 B
1 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 14292
108 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
489 B
1 boxx.ai
js.boxx.ai — Cisco Umbrella Rank: 101598
618 B
1 hicloud.com
dtm-drcn.platform.hicloud.com — Cisco Umbrella Rank: 233420
37 KB
1 j93557g.com
j93557g.com — Cisco Umbrella Rank: 244734
24 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 netcore.co.in
tw.netcore.co.in — Cisco Umbrella Rank: 192863
1 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3351
362 B
0 smilewanted.com Failed
prebid.smilewanted.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
727 99
Domain Requested by
95 cdn.thestar.com.my www.thestar.com.my
cdn.thestar.com.my
ajax.googleapis.com
sites.thestar.com.my
59 pagead2.googlesyndication.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.thestar.com.my
www.googletagservices.com
46 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
www.thestar.com.my
42 apicms.thestar.com.my www.thestar.com.my
27 tpc.googlesyndication.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.thestar.com.my
securepubads.g.doubleclick.net
21 securepubads.g.doubleclick.net cdn.thestar.com.my
securepubads.g.doubleclick.net
www.thestar.com.my
pagead2.googlesyndication.com
www.googletagservices.com
17 hal9000.redintelligence.net 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900019.redintelligence.net
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
16 s3-ap-southeast-1.amazonaws.com www.thestar.com.my
ajax.googleapis.com
14 fonts.gstatic.com fonts.googleapis.com
www.google.com
13 s0.2mdn.net www.thestar.com.my
s0.2mdn.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
12 googleads.g.doubleclick.net 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
pagead2.googlesyndication.com
12 www.google.com www.thestar.com.my
www.gstatic.com
www.google.com
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 t.pubmatic.com ads.pubmatic.com
10 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
rtbpass-us.andbeyond.media
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 www.googletagmanager.com www.thestar.com.my
www.googletagmanager.com
adv.office-partner.de
10 hbopenbid.pubmatic.com ads.pubmatic.com
rtbpass-us.andbeyond.media
8 api.webgains.io analytics.webgains.io
8 5994599.fls.doubleclick.net 4 redirects www.thestar.com.my
8 pv.medialead.de hal900019.redintelligence.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
8 cdn.retailads.net 4 redirects futalis.de
8 www.googletagservices.com securepubads.g.doubleclick.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
7 psegment.netcoresmartech.com osjs.netcoresmartech.com
7 images.outbrainimg.com www.thestar.com.my
7 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 a.teads.tv ads.pubmatic.com
securepubads.g.doubleclick.net
a.teads.tv
rtbpass-us.andbeyond.media
7 rtb.openx.net ads.pubmatic.com
rtbpass-us.andbeyond.media
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
7 www.thestar.com.my www.thestar.com.my
ajax.googleapis.com
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
6 platform-cdn.sharethis.com www.thestar.com.my
6 connect.facebook.net www.thestar.com.my
connect.facebook.net
6 fonts.googleapis.com www.thestar.com.my
hal900019.redintelligence.net
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
5 hal900029.redintelligence.net 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900029.redintelligence.net
5 fastlane.rubiconproject.com ads.pubmatic.com
rtbpass-us.andbeyond.media
4 adservice.google.com 5994599.fls.doubleclick.net
4 cdn.track.production.webgains.team 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
track.webgains.com
4 analytics.webgains.io track.webgains.com
4 onetag-sys.com 2 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
rtbpass-us.andbeyond.media
4 dsp.adfarm1.adition.com 4 redirects
4 medialead.de 4 redirects
4 track.webgains.com www.thestar.com.my
4 adv.office-partner.de hal900019.redintelligence.net
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
4 futalis.de hal900019.redintelligence.net
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
4 googleads4.g.doubleclick.net www.thestar.com.my
4 ssum-sec.casalemedia.com 4 redirects
4 hal900016.redintelligence.net 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 hal900010.redintelligence.net 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900010.redintelligence.net
4 hal900019.redintelligence.net 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
hal900019.redintelligence.net
4 ad.doubleclick.net 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
4 us-u.openx.net googleads.g.doubleclick.net
4 gum.criteo.com 1 redirects static.criteo.net
ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 cdn.cxense.com code.piano.io
cdn.cxense.com
4 widgets.outbrain.com www.thestar.com.my
widgets.outbrain.com
4 cdn.jsdelivr.net www.thestar.com.my
securepubads.g.doubleclick.net
ajax.googleapis.com
4 cdnjs.cloudflare.com www.thestar.com.my
3 ap.lijit.com 2 redirects rtbpass-us.andbeyond.media
3 t.teads.tv www.thestar.com.my
3 c.amazon-adsystem.com www.thestar.com.my
c.amazon-adsystem.com
3 www.facebook.com www.thestar.com.my
3 wave.outbrain.com amplify.outbrain.com
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 static.criteo.net securepubads.g.doubleclick.net
rtbpass-us.andbeyond.media
static.criteo.net
3 api.cxense.com cdn.cxense.com
ajax.googleapis.com
2 c1.adform.net 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
2 grid.bidswitch.net rtbpass-us.andbeyond.media
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 a.tribalfusion.com 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 match.adsrvr.org ads.pubmatic.com
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
2 id.hadron.ad.gt cdn.hadronid.net
2 sync.1rx.io 2 redirects
2 dis.criteo.com 2 redirects
2 cms.quantserve.com 1 redirects 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
2 handyfireman.com j93557g.com
2 p.adlooxtracking.com www.thestar.com.my
p.adlooxtracking.com
2 www.google.de www.thestar.com.my
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 tr.outbrain.com amplify.outbrain.com
2 cdnt.netcoresmartech.com osjs.netcoresmartech.com
2 twa.netcoresmartech.com osjs.netcoresmartech.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 id5-sync.com cdn.id5-sync.com
2 oajs.openx.net 1 redirects www.thestar.com.my
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 sb.scorecardresearch.com www.thestar.com.my
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.thestar.com.my
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.thestar.com.my
2 ads.pubmatic.com cdn.thestar.com.my
ads.pubmatic.com
2 www.queryly.com www.thestar.com.my
2 s3.ap-southeast-1.amazonaws.com www.thestar.com.my
cdn.thestar.com.my
2 platform.twitter.com www.thestar.com.my
platform.twitter.com
1 um.simpli.fi 1 redirects
1 buy-ap.piano.io code.piano.io
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 www.awin1.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 hb.aralego.com rtbpass-us.andbeyond.media
1 rtb.adxpremium.services rtbpass-us.andbeyond.media
1 bidder.criteo.com rtbpass-us.andbeyond.media
1 mp.4dex.io rtbpass-us.andbeyond.media
1 prg-apac.smartadserver.com rtbpass-us.andbeyond.media
1 ghb.adtelligent.com rtbpass-us.andbeyond.media
1 tlx.3lift.com rtbpass-us.andbeyond.media
1 shb.richaudience.com rtbpass-us.andbeyond.media
1 rtb.adpone.com rtbpass-us.andbeyond.media
1 prebid.a-mo.net rtbpass-us.andbeyond.media
1 prebid.media.net rtbpass-us.andbeyond.media
1 ads.betweendigital.com rtbpass-us.andbeyond.media
1 a.ad.gt cdn.hadronid.net
1 match.360yield.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 pixel-sync.sitescout.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 secure.adnxs.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 s.ad.smaato.net 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 id.crwdcntrl.net ads.pubmatic.com
1 aniview-diag-server.1rx.io www.thestar.com.my
1 video.unrulymedia.com a.teads.tv
1 csync.loopme.me 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 r.turn.com 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cdn.hadronid.net www.thestar.com.my
1 secure.cdn.fastclick.net www.thestar.com.my
1 wrappers.geoedge.be rtbpass-us.andbeyond.media
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 rtbpass-us.andbeyond.media www.thestar.com.my
1 rtbdemand.apiip.net www.thestar.com.my
1 serving.stat-rock.com www.thestar.com.my
1 bab501f6df12691399357203768b8482.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 static.adsafeprotected.com www.thestar.com.my
1 assets.ubembed.com 52a360d4000447a08efd7617080680a9.js.ubembed.com
1 token.rubiconproject.com eus.rubiconproject.com
1 mug.criteo.com www.thestar.com.my
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 js.boxx.ai osjs.netcoresmartech.com
1 dtm-drcn.platform.hicloud.com www.thestar.com.my
1 amplify.outbrain.com www.thestar.com.my
1 j93557g.com www.thestar.com.my
1 52a360d4000447a08efd7617080680a9.js.ubembed.com www.googletagmanager.com
1 p1cluster.cxense.com cdn.cxense.com
1 syndication.twitter.com platform.twitter.com
1 starmediagroup-d.openx.net ads.pubmatic.com
1 osjs.netcoresmartech.com tw.netcore.co.in
1 mv.outbrain.com widgets.outbrain.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 sites.thestar.com.my www.thestar.com.my
1 widget-pixels.outbrain.com www.thestar.com.my
1 c2-ap.piano.io code.piano.io
1 ut.pubmatic.com ads.pubmatic.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 code.piano.io experience-ap.piano.io
1 tw.netcore.co.in www.thestar.com.my
1 platform-api.sharethis.com www.thestar.com.my
1 s7.addthis.com www.thestar.com.my
1 ajax.googleapis.com www.thestar.com.my
1 experience-ap.piano.io www.thestar.com.my
0 prebid.smilewanted.com Failed rtbpass-us.andbeyond.media
0 api.rlcdn.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed www.thestar.com.my
googleads.g.doubleclick.net
727 175
Subject Issuer Validity Valid
*.thestar.com.my
Amazon RSA 2048 M02		 2023-06-17 -
2024-07-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-17 -
2023-12-16		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.s3-ap-southeast-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.netcorecloud.net
GlobalSign RSA OV SSL CA 2018		 2022-12-26 -
2024-01-27		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2023-08-30 -
2024-09-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
sites.thestar.com.my
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
cdnt.netcoresmartech.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-04-09		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-01 -
2024-10-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
*.js.ubembed.com
E1		 2023-10-19 -
2024-01-17		 3 months crt.sh
j93557g.com
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
cn.partner.petalmaps.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-07-26 -
2024-08-26		 a year crt.sh
*.boxx.ai
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-13		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
assets.ubembed.com
Amazon RSA 2048 M03		 2023-12-06 -
2025-01-03		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
serving.stat-rock.com
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
handyfireman.com
R3		 2023-11-25 -
2024-02-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.futalis.de
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh

This page contains 63 frames:

Primary Page: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Frame ID: 441F8CC8747D2E3F079FE2FD7CFE6F5D
Requests: 382 HTTP requests in this frame

Frame: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Frame ID: 86C7F5AAEA4CF9A290ED414087A4F8C2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E7DB94D7BDAC4B5E434804ED5B0DD3C9
Requests: 4 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC7600E420812C0B5436628CD51C798C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.thestar.com.my
Frame ID: 3AF075C0C1733B899CD4CF87325850C9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161329
Frame ID: 35AD8827FD97E1D0A7573AEF43DB28AF
Requests: 2 HTTP requests in this frame

Frame: https://starmediagroup-d.openx.net/w/1.0/pd
Frame ID: 8151D9918D94BCBD399768D498B16025
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Frame ID: 367ADA33AF4511D122F1EB843B7DAD66
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 60B73E3FB8F65C1602B2CB1E6F0AFF05
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thestar.com.my
Frame ID: 276ACD75F15A292056B1DCCDEC6E4BD4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0_aux0qRse5AA94CsoSB6fqgvUmlZirvLW_anQQrrSNdmhaspNLIJgHjy7_yxVQbVFX8LK2Z6rSy5esN39l2suQZgAQX5rJYC8EPay0AcrSqshKFQCg7bEY8WiPuGolBFHHk28oRIShoswppzxhViiTC_iNiO_j6jrhdzv-OrFPSe_ytjHTAPuOsQxdmYhktsnsVF5AzoXG_OkeIdOh0F_YOdETfLQuqTX6x-_KiE7DgSUVqdMl6jcfQKCM9H74yJmjqpIJczb2OU-k0LdI8WhEGmx5Y2yyZ67lNbjX-U2RCvQGjKw-dodXPlRtH1nCNeVNYCfd2JT1lrLwWMdpPo0gifrW8ECEZ0dUFAT7u9MPNr5q2QlcyTHul5ozEl1q941ok&sai=AMfl-YTgDA0z3wtSti2Rd_gAK-cOOdvaoYF6Dl4qPDHqoSl249odKzugmLywUKF1yMvvs-I4lhtLYtbW7GRxx1CfjCIkdeZtAI-XBz2grrx9Yj5vkLdG0ccxz7iGQ5x-5tdZpQ7qnlgtnogkyQ&sig=Cg0ArKJSzKaRWuyJp8zmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D6C2E06FA9A68901B4EFC30287C80557
Requests: 9 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34CC3001A9FBFC1A9E3DF9767DE3A02D
Requests: 21 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4D525C2AECBC22A2F512BD3D28AC8C3
Requests: 21 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8E618F13146D84CF04A2D7C66D00F4D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Frame ID: 8365D93D4C045C28262D7B861FE21DF7
Requests: 5 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1F577F4ABDB108CD6955D30EA504C0C
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Frame ID: 08140E3710F9746449C0C02D7047558A
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B59994B389489F2DF2BC88B8F8219C4C
Requests: 1 HTTP requests in this frame

Frame: https://bab501f6df12691399357203768b8482.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 904782B6CA8A4B12262A8D35D476275E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQwyIaiq9_9YbdG-O2--FeLaflfy5GiFqhbleWPEA6Vs0deRzoL2FBUNFaWeqIse3eBfId2Rehex56zndaufCt0QNh6l2QP0cn04kiQm_oWZuXNYX3PIpxWMfs30QZZXDvtFMz8lc9ffkMdqAKb1NBF1TpGPX8dWe0c1WjPAkvXJh94DGge4wKVoSEgOqqrIJTRd7tvOjtBaxWi_eEjwfNW3C-FqdkGNFWIXvVMhyB0m755O-5POLA4_tRWJVsn_vkhNIJHhNwDxXekquDi6RTfsA76b4armb5Q4gKiQC6FH7kMvFe03kuK83qdUpT5Ls6K2jGVu5bts_t10_MzDzfgym6FTn9S3qWVBLO4kAAm1jcAfAfWlLP-me1RSIZwQzY30rA1QJUZu1hCzWdjC2WGTpaatjfXmVURB1OIxxQIBAbdtvPIVz5B34Skk57VLzEG-0soiOOhBEekVgZUeK866iGNg&sai=AMfl-YRqBely9gOCMLDZ5SioKkYKYXrB5kOiQsE5bnI9--Acn5cC6br5zA7iMANYiZjIEcxz6wBeAjFaMJgGr-ifUb5DvGdfkyIUk2xcBdmLaE-JXYayZ-0vQl2sDjADY-5SfCUlnmGqwwSqjw&sig=Cg0ArKJSzKK_d0F9NG8aEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B28493210F4A14159C7A1FB4F5A85640
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Frame ID: 4F4493435E9AF1D6F26BF0252AFC6469
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU5zHQW8HfqLd799V1But5fZi5ZTzDhTIo4U6CShiF2hdl48ONc_IsP5nguJQ6t2bEBQ8FSWp-ZvD8foGYDvjYh0q1S0EfOKGltTheN3cdLoY-OX9gUQxHcbtthBLNR9wjfaU2WafwmZX1SKL-TUYOF_mRpeSMrrywrSkYeWxpITIDWtgA
Frame ID: FD521D83A9913E2F999DD2EA61ADC5C1
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssItmj3I6HEaUSJjIlnNWo83UaC5JpokY5Hsyo5UcO95ET7kxCicpLTnYAyRHh3fSoz_Z58CyMKHKHp0lOo1s79wcg5d593uBh_kVzIUapeFhPdnHUDStburdt15C8RXBatQFD0PJmR59Gs3BWb4FkSSh4gOUPp31GQsfgwnJXXj6WZuoYOYg0c6yusU-JsZqE9ulHRIfUIB8TZbr2LWmMZkMYd0tvbRz895pKgMoU63vMz-id1a6TFoTwM9siyRYUzZfh7lXwHc-ziAt1MfWv-VPI7mMPJHGBR_yF9l1eCwpqUkW_hWaicYmVOXCXXk_5R7yrvDcFlJ66NmmGq3XjODCKo&sai=AMfl-YS_V5tsUN1JZgSSyyAxnAmkZYASlDyYUany6mUh7QohGr4icPnmW1UmlsK_FfUsHWVYidq_sDzYmEu51958TuFjBQEIi4hUqP1cNl0q02btssvbcTfNrap1u_o4uCWMVauMNuyeAgDA&sig=Cg0ArKJSzJto7aj-cx2wEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D0BD478A868FA2CDDC917818BDB0A3D9
Requests: 3 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7AC896430F8754574F5280EE4B691DA9
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Frame ID: FA9281CA112767E19F9F2E6F2AB7E141
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 843AF774BF75D535084D7AFC0ED78C7A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CF155982FD15D22B5E47CB957B97B4D4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 474A83218C8208C30C17D2F9749F1455
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 14295D51672CE239E4DDEE9B55D16F19
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15C99F8B35796CA74DFF24026472AE98
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6C279498A01642E07187055B1BDA6F8F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
Frame ID: 64B121F9F29D2DDBE007D0BB638DD8CC
Requests: 8 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
Frame ID: CAB7867AC4AB63BC896DDF3749E1E9E7
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 6D492820EBBB9272E58BD47E78114B57
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 2A64DDE6618426F273BBA57837F4DB94
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035
Frame ID: 08B701F2559D08FEEAE341F3E9A8292B
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Frame ID: 3EC829BB1B2B4ECF7A37A89869D2B5CA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AF4D7486AA0ADA598C3DF33E54B112A
Requests: 9 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
Frame ID: D6A7F338DCE2512DBF31FC0996E4265A
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: CD91C6F9D7F3383C0D18B6B2363D9EF5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 76428B6ACE1A87E2C0870EA15336494C
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235
Frame ID: AFA4BFA5F778B545840CF2A896A07513
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Frame ID: 52D66AD472D858E01FA7B2FAAC94B364
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21137B877A10BE4768B1A8BD6EC02A4C
Requests: 9 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
Frame ID: 34598E31E86CE1BAF4ED9E162232F25F
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 01A9B824FD2A97E968EE8C145C0F374C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 09A87AFEF34810A0BFE3B962A32B1E41
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984
Frame ID: 61AF1C6962A39EED7B54A719640F2477
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Frame ID: A3653F407FF5FF5DE47A1C830DE82E43
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47BD7AE8937123690DBFA1E08A557AA5
Requests: 9 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
Frame ID: 56E07F01C07F634E278385F60C4857FB
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 1BA90CBAC5F76D787265BF0D04CDEA00
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8982156B6ECF947517955BC95C32D3DE
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376
Frame ID: B7C32CD710EEB85F6B52209C982A8970
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Frame ID: DCD6440128BBC31A4BC8BFB0149003A0
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 619B46ABBC547B4D2DF0918FD83AF3DF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67D37046873A1A2F9BB8AA735465B296
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29EDF4AEB2881B34BDD18BC28622AC99
Requests: 2 HTTP requests in this frame

Frame: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5546B2FEE2339DF0838E18B08AAA8C94
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNXHXF0675qC79jyA3roE_CMHSmr61IwC_pE91utHzO6pobjZL9U-uIwzppyVGYyf92rg1jK3Z9LKZ8XzayvOoaE0JYU2w0jJz3v5gPlM3kC7yflELNAwfW3uMqP-h8KCZTti0AtD7rsZUadg9Dbnulbu7a5YAHedr2ycDsRl5mTseyinMA
Frame ID: D446AFD13A572A79AF64CE38E9B68AA4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E713D47307D943B49B499A9EA58C04B1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23713F3E20932E6877E24D318B5462C7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Frame ID: A2C2E70FBAB212666F237F79CC79E608
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Missing eight-year-old found drowned in Tanjung Malim | The Star

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • jqplot.*\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

727
Requests

92 %
HTTPS

37 %
IPv6

99
Domains

175
Subdomains

144
IPs

14
Countries

8692 kB
Transfer

21948 kB
Size

83
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 232
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp&cc=1
Request Chain 289
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=thestar.com.my&sn=ChromeSyncframe&so=0&topUrl=www.thestar.com.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=pUP-Gnx4dGpIc0Mxd2NZVElwMVMyQ0lCN3pmREc5cWdZd0ZDdktFWjY5MnZ3dUVORGlpelBMV0FKOUZSN2tHQWpVNUxCY0Q1ejRPSkJYVnNpNklmUmk0V1kwdkIvVHRYS1FmRVVjM1dSQlpxSlg2NGNqaVozRTljNmtPa0l4ZS9Iam9ZT1ZFdUVUSGY5Z2Q1c1lDeVdyWTZUb3FkaUQyY3VFWkZkTWZ4bldLZzY2L2JaaTB2WWI5cEI4TE1VSWhSc0NCQm1JdjhSV3BYRW5VQUdudkhDYzRKdnV1cnpFSTdhZEFVVTFDVCttN0xzSlFVc1Jsb0hWVGNoenVZbmhscmJsZ2xmaXhkSFdhMk52WUc4dVFiTG1PR25vSTlpdDFRZDhlK3VFR29hR00yTFVjWT18&cppv=2
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
Request Chain 356
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXROyXdl3vjqrvAY2oxWUgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
Request Chain 358
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
Request Chain 360
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXROybwUcyCND-xYJeZtiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
Request Chain 362
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECdVFxE1lAsnafkp96aTB0o&google_cver=1
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
Request Chain 432
  • https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 439
  • https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 440
  • https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 446
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 454
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDXVHv1zbi5rV7VSrVzVgTc&google_cver=1&google_push=AXcoOmQN4-RIzL6JcZ5T-ubeCx6ibOWiX4w4VGlgGFJ8jiXaXlH3fGF9mi4m40k-zOnKtkB6AW0SbnIwkj6f3-RgBVe0Qh2VVx87 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI0NzE1NTIwNDk3NDI5MjQ0Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2aAc4a124BwfP7WBfDdV0&google_cver=1
Request Chain 456
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRRNtQ4RoUjEQvBDm1iAluPrPziKeNaRvDXXbH8WKfICvMbadWCcRha8zXK_b12QRW5C23TPJeSrGNniyYwvDySC3vXh9qrnA&google_gid=CAESEBavJD45WY6M2NUuaG1jTGU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmRRNtQ4RoUjEQvBDm1iAluPrPziKeNaRvDXXbH8WKfICvMbadWCcRha8zXK_b12QRW5C23TPJeSrGNniyYwvDySC3vXh9qrnA
Request Chain 458
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_cver=1&google_push=AXcoOmQVze5zlOtZdLfYkCtiyRtAgOElWnSxpgrjPrlRDaMzFBUnjTtMjvUmuOFX2IQMjP7BdWoRdfdIHqVFwg2YymmoDfTeeOFNcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQVze5zlOtZdLfYkCtiyRtAgOElWnSxpgrjPrlRDaMzFBUnjTtMjvUmuOFX2IQMjP7BdWoRdfdIHqVFwg2YymmoDfTeeOFNcg
Request Chain 459
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEtsKgeo_qqHEqXcLybiRhs&google_cver=1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1702121162185 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2bf5bc9b-4913-4467-aa11-f2ddb0e4c318-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ%26google_hm%3DAyv1vJtJE0RnqhHy3bDkwxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&google_hm=Ayv1vJtJE0RnqhHy3bDkwxg
Request Chain 460
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEMsNfMzAR9kksnoF27CWbgI&google_cver=1&google_push=AXcoOmQAVue5WHEPZ-CfDtvxYtuzEzRe_D4z2ncTysguAGhbbgCij47fpa8-5Wt5kK8MeAnPHhE8bfWBuy-0jFUVPNzkwyTxkD_TpaI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38b18850-85f3-4474-9417-875c5235f4e0&google_cver=1&google_gid=CAESEMsNfMzAR9kksnoF27CWbgI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQAVue5WHEPZ-CfDtvxYtuzEzRe_D4z2ncTysguAGhbbgCij47fpa8-5Wt5kK8MeAnPHhE8bfWBuy-0jFUVPNzkwyTxkD_TpaI&gdpr=${GDPR}
Request Chain 483
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=87316300050411004444554012533019&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
Request Chain 487
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035
Request Chain 489
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 491
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=29814200043772704444554012533010&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
Request Chain 495
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235
Request Chain 497
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 499
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=94683000048362804444550012533016&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
Request Chain 503
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984
Request Chain 505
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 518
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-skBd5WzTZH6I5al8QHbiU8IueG377c0aVHp89zDV3Btg9GwbkVn3osQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-skBd5WzTZH6I5al8QHbiU8IueG377c0aVHp89zDV3Btg9GwbkVn3osQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0tpRmMyR04xUmJWdDg1&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-skBd5WzTZH6I5al8QHbiU8IueG377c0aVHp89zDV3Btg9GwbkVn3osQ
Request Chain 520
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDUx0NE1-GXIUZr7Z4hx_AA&google_cver=1&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-LwPzN6ApncGzjdxxNbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-LwPzN6ApncGzjdxxNbQ&google_hm=oBZR3pfQRdyd1giPM22-C2c
Request Chain 521
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg72_zdIy5DoIseAbA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMDc4ODI0OQ%3D%3D&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg72_zdIy5DoIseAbA
Request Chain 522
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_cver=1&google_push=AXcoOmS6lIAQ96SObfKZftTZ3eP5fTqTlcHleqyAVGCtlSgrsJO4qKylYCRrUk2Vx9NQcQaz_24J5VNBhy7m8e98kuNhcvIX3OglWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmS6lIAQ96SObfKZftTZ3eP5fTqTlcHleqyAVGCtlSgrsJO4qKylYCRrUk2Vx9NQcQaz_24J5VNBhy7m8e98kuNhcvIX3OglWw
Request Chain 526
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 527
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEt6Gg0KQ74mquecQ7Ny5rQ&google_cver=1&google_push=AXcoOmSv09bwck22SRI7yThGTBwQ1-q-O2FEaRIFTREwtvYaMIqpTA6Lfs73aNRq2GziBB_E4UEmsxEKJzJWMEErsTWR9Nwjzj50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEt6Gg0KQ74mquecQ7Ny5rQ&google_push=AXcoOmSv09bwck22SRI7yThGTBwQ1-q-O2FEaRIFTREwtvYaMIqpTA6Lfs73aNRq2GziBB_E4UEmsxEKJzJWMEErsTWR9Nwjzj50
Request Chain 528
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIwP8Oz5i6ndAZhcbNB0Cb8&google_cver=1&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-9flEjGXI9515_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMjQyNjY0MQ%3D%3D&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-9flEjGXI9515_1
Request Chain 529
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQdKsyAPM_x2bcLn1wEsMAyH9qHbHmKhomQPwMkTpWOiN0qhz5nJEN7kmQEO6MF0s7K3YLEnJDPhyUvyNFs1PiwZflhOoEVtg&google_gid=CAESEBavJD45WY6M2NUuaG1jTGU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmQdKsyAPM_x2bcLn1wEsMAyH9qHbHmKhomQPwMkTpWOiN0qhz5nJEN7kmQEO6MF0s7K3YLEnJDPhyUvyNFs1PiwZflhOoEVtg
Request Chain 530
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_cver=1&google_push=AXcoOmQz01Q-3WoSf3aio4kSMrwb-76JP4KvQL70iyRoW992I4qG-4c5LzlkBoU7dZWiVIsMcO76aoRp5oYqw_A-yu2meDh5rcAthg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQz01Q-3WoSf3aio4kSMrwb-76JP4KvQL70iyRoW992I4qG-4c5LzlkBoU7dZWiVIsMcO76aoRp5oYqw_A-yu2meDh5rcAthg
Request Chain 531
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAGq3-CFUO6Ah2zHlaCWKI4&google_cver=1&google_push=AXcoOmThtaafcht1N73Yj_zauf6czEPo6oH6tqg30PnICEfgOjrBfU0m1ySXSafyhsSNaPkgtDUg9C2A8P5_c60wILOWzwCtFPZSOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmThtaafcht1N73Yj_zauf6czEPo6oH6tqg30PnICEfgOjrBfU0m1ySXSafyhsSNaPkgtDUg9C2A8P5_c60wILOWzwCtFPZSOA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 532
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31zMRGtT6t_EcotWaX1uAhBlz7pcuonvJpWAybpjGTYZ8W-pF7AIwly5FbHmPtCTb8TYlD16SchAuNlEDglnGV_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31zMRGtT6t_EcotWaX1uAhBlz7pcuonvJpWAybpjGTYZ8W-pF7AIwly5FbHmPtCTb8TYlD16SchAuNlEDglnGV_g
Request Chain 535
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkEw5Za20znhSuTUA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkEw5Za20znhSuTUA
Request Chain 537
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEKt75oBzYHkRNOqQu_wpcg&google_cver=1&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd8yTgsVaB46NQsR8D3f4D9aQuK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYWVpPWDctMjYtSkRQOA==&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd8yTgsVaB46NQsR8D3f4D9aQuK
Request Chain 538
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENwzinp0lTNmuAmfu__oIvY&google_cver=1&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJs1PRCwqiQ7Z53Bo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJs1PRCwqiQ7Z53Bo
Request Chain 540
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENwzinp0lTNmuAmfu__oIvY&google_cver=1&google_push=AXcoOmSwU9WrI495BFbsOV_3_jzYkBchYGZRJBm_fNENVcKMmxf93L1tVElqrfiOUiKh6jcjJeL3knK1rrOAiGQicTk1UCei2vS8vA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSwU9WrI495BFbsOV_3_jzYkBchYGZRJBm_fNENVcKMmxf93L1tVElqrfiOUiKh6jcjJeL3knK1rrOAiGQicTk1UCei2vS8vA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 606
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=66467800047400504444990012533029&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
Request Chain 610
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376
Request Chain 612
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 618
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQJnVKU2FZF7-9gs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQJnVKU2FZF7-9gs
Request Chain 620
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJGm_w38oeb28Ui61GZGixM&google_cver=1&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJGm_w38oeb28Ui61GZGixM&google_cver=1&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc
Request Chain 622
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_cver=1&google_push=AXcoOmTmDw0aAoXIXg98FToujK5a92IYvC06GeUIzvuCTCAiTzHuPWkguvYgSW6p-4ktwkyJGylJIayMThOHzin3tQBJUEltRAbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmTmDw0aAoXIXg98FToujK5a92IYvC06GeUIzvuCTCAiTzHuPWkguvYgSW6p-4ktwkyJGylJIayMThOHzin3tQBJUEltRAbQ
Request Chain 623
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQS3xumHD--H4pAsJDDVic&google_cver=1&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQS3xumHD--H4pAsJDDVic&google_cver=1&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg&google_hm=HyrutGZH2CwK9cDzR5O9i5IZ
Request Chain 624
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELgASTbMuqxkmtF9QwGpiBs&google_cver=1&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8&google_gid=CAESELgASTbMuqxkmtF9QwGpiBs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzNTI0MzI3MjI5NTc1NDE1NDI0MQ%3D%3D&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8
Request Chain 699
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN3VtVFyYPU6unShsjnXIME&google_cver=1
Request Chain 711
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsBwz9brL0QA0RPIgGpHm4&google_cver=1&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18axHGoZ6Y2mr_zGQhp_eUQdYgTm58WF4sAmSyXWYcH4Sg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18axHGoZ6Y2mr_zGQhp_eUQdYgTm58WF4sAmSyXWYcH4Sg&google_hm=MqIUKNYC2qqSQ_RV5eLCNg
Request Chain 713
  • https://um.simpli.fi/gp_match?google_gid=CAESEOW3rSS0oGId_HJLa8gmAh4&google_cver=1&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycYhQVLoXMtjavID_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72ECB1FB96AD43E48E79EE88504B02FD&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycYhQVLoXMtjavID_g
Request Chain 715
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFcFNHqP67srHPUo9WHkqGY&google_cver=1&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFsM58U7ykznHUMxz2JD0l0gw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFcFNHqP67srHPUo9WHkqGY&google_cver=1&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFsM58U7ykznHUMxz2JD0l0gw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI0MjkxMTk1OTI0NDAyNTc2Ng&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFsM58U7ykznHUMxz2JD0l0gw

727 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request missing-eight-year-old-found-drowned-in-tanjung-malim
www.thestar.com.my/news/nation/2023/06/06/ 		567 KB
156 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2f1c73ffe52b5bf0ccb4db82b1924b3c38b8d772e8e8dd064f1bb7a708844800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
access-control-allow-origin
https://dev-smebizhub.starmediagroup.my
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 11:25:58 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
x-amz-cf-id
NpYA-vBWddlir09Gj2huE9KBCSM3MCCziA8h7KPZhY9Z3qdijlvtCA==
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
TSOL640x100.png
www.thestar.com.my/theme_metro/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com.my/theme_metro/images/TSOL640x100.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2c6d547393eef26e0d42f8dfede54cfc7b634de58b2259291927aad6b48ecfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Feb 2023 00:50:11 GMT
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
last-modified
Mon, 02 Dec 2019 10:07:51 GMT
server
nginx
x-amz-cf-pop
DUS51-P3
age
25785347
etag
"5de4e277-1f94"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8084
x-amz-cf-id
UOWFvbr6SZsONwiH1Yi-j_S8IpQIFLPhahgX6sdxnGb-QWFfm9PJFA==
expires
Thu, 16 Mar 2023 00:50:11 GMT
bootstrap.min.css
cdn.thestar.com.my/Themes/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6088
x-amz-meta-cb-modifiedtime
Thu, 12 Oct 2017 02:23:22 GMT
etag
W/"67d856a36edacea9564bd92310f7d792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
6Q8z3zZaPSqgXaVa8bZnwj58Kv0Z2XeFA2-ZJFpk-vZTjmwDeMThgQ==
css
fonts.googleapis.com/ 		6 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 11:22:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:25:58 GMT
tsol2019_pw.css
cdn.thestar.com.my/Themes/css/ 		95 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20231025
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b779b6ec8f65e4ef57ffdd3134e505293b36a334ba437cb641de413cef5f9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ApnxPrwbV3JIdxIcdLgcqgrZKnNj1zOM
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Wed, 25 Oct 2023 03:07:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1628
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Wed, 25 Oct 2023 03:03:15 GMT
vary
Accept-Encoding
etag
W/"8fd169afeaa40655fcec6327a7fab2ae"
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
AnyqkeliWctT_du7jiWx6Kg55piYwpKP2_HtdDt2YMGOPRnBPxXQFA==
story2017.min.css
cdn.thestar.com.my/Themes/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/story2017.min.css?v=20211012
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
249491720598f893eed99f05872f325bf73976054034f2ef607a6456f8b00e0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
RINYdiUFqx5RbBXLoy9MUCt0LzLzu8vl
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:35:58 GMT
last-modified
Tue, 12 Oct 2021 07:47:15 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7781
etag
W/"52c0c23ec3dcca702452b20101925ff1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
zltKL00gcPJ8uCrpPqacuDMPQVudTnX6BnkKqsEBpDUcLRzKAvhd9g==
info.css
cdn.thestar.com.my/Themes/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/info.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
1.51bKGEb0PTv3hSOCmiJ.243PQ3nZx3
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:22 GMT
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8943
x-amz-meta-cb-modifiedtime
Fri, 16 Aug 2013 10:10:13 GMT
etag
W/"1aa5bc290203717673262f578a590dd3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
AQxC877WC2X03qyEDdrfLYjvKX1UKH6hGmpggTJnA38FLvgWX7BWEQ==
bookmark.min.css
cdn.thestar.com.my/Themes/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/bookmark.min.css?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
42ZCDGB1EwVQij9jOKaY5QxStJiy4Bw_
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
last-modified
Mon, 23 Nov 2020 02:09:17 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6028
etag
W/"ca09feb941c19c5454a23f3542209d12"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
604800
x-amz-cf-id
0AOLiqCuvFCsRANj1Khox-mT-82xmOQiIf-8qpb0czdXNYcO2g2Hhw==
main.css
cdn.thestar.com.my/Themes/css/ 		62 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7e9719b72420a34fc7b21b91e7b86732f261a4b99cf579d458c98ad2406b33f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
7VjRvrkaT7.hDabqcuvwP9nln0ZhDFgs
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
x-amz-cf-pop
DUS51-P1
age
5274
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Thu, 07 Sep 2023 05:16:35 GMT
x-cache
Hit from cloudfront
last-modified
Thu, 07 Sep 2023 05:16:39 GMT
server
AmazonS3
etag
W/"f4540e2d1df89184a30cb1f18d51a130"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
5wdn0qgTWyTVw1BsLqpLUfySmSwQnwzUfb1YRx1_2azZtryKDW2w7w==
promo.css
cdn.thestar.com.my/Themes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/promo.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
316344e85419e921d1f7f7f5e846f8081e17b2da631e24ee1a9dba4d544fddb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
cTpHpLtDfO6oDRjJlvCAo1Uuwxd5Mw7d
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Tue, 17 Aug 2021 04:47:39 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8377
etag
W/"36f8ccb7da7a85cd553bd68d3b27eccf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
vfFK1sidc9Pkxg2_AjJ1xFpZeHNsgScdEomJPhiEwUmZObiRYcCfpg==
stock.search.min.css
cdn.thestar.com.my/Themes/css/ 		577 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/stock.search.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DYuyOSWJKpUHMg69YtSIuMPMhqtqRHMW
date
Sat, 09 Dec 2023 08:53:18 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
9164
x-amz-meta-cb-modifiedtime
Fri, 25 Aug 2017 08:10:23 GMT
x-cache
Hit from cloudfront
content-length
577
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
etag
"abd4fa5dfda7656031ff9bc791e31ebb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
SOayHViKoR5FpNKxdVlHzkqYe3RzrHZRCuZ-J28C4QHvN4ubFAwmxQ==
font-awesome.min.css
cdn.thestar.com.my/Themes/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
2vubh.PhxEhgJpFKBG0pP31KYJZnb.Rf
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:38 GMT
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
646
x-amz-meta-cb-modifiedtime
Mon, 20 Jan 2020 03:30:42 GMT
etag
W/"79f8083e69a38052ae8392709b1610c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
dbDSp8BZ0EZTkEHkGguJpq193g1vZ871nqlWL-jOnZkDAEfzPDj_nw==
global-bar.min.css
cdn.thestar.com.my/GlobalBar/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/GlobalBar/css/global-bar.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
QR5FC7msyz3XbukdKO9JSVGPSk3gSipT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Tue, 15 Feb 2022 08:36:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8216
x-amz-meta-cb-modifiedtime
Wed, 01 Jul 2020 07:40:54 GMT
etag
W/"2352a7924ab6600445060ce8da2f9e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
R-xz3BMRJGiBdi2ud-RSzqBGur-pzEs06O6LAOl7FW0s2vi_yVV6qQ==
audio.css
cdn.thestar.com.my/Components/Audio/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Audio/audio.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
4fEQPXNNtWhcIBa_DYlOd_C68bas6KnV
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:38 GMT
last-modified
Thu, 01 Oct 2020 04:47:53 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
332
x-amz-meta-cb-modifiedtime
Wed, 09 Jan 2019 02:04:14 GMT
etag
W/"6b621e92f808f4c887d5eb54d7b5bf18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
VqBVzl7twgIjpvi_pCjiSNm5ac_WQak1d9nGHmGKRbo7N8Gz86j1kA==
owl.carousel.min.css
cdn.thestar.com.my/Themes/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/owl.carousel.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
jBZo_fxdrmNQeQ0zDiLYp2wHUQrzyzsK
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:46:10 GMT
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9982
etag
W/"1189f89df639b70679aa1be29335a613"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
06W7B3dcWv0F0NIhZumpyr9S7n-nX09lPKHp0qLwcenHW9nZ__oBRw==
style.min.css
cdn.thestar.com.my/Themes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/style.min.css?v=20220712
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6dc41bc6587c9140b8e74ad8f787c811fe9b6b69803377aa894129308f465fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GvgDY0V0FIm1m_16NboZgRDUoCV2nsyv
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:38 GMT
last-modified
Tue, 12 Jul 2022 01:36:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
743
etag
W/"32d1676d27f89a5bd651a2a50159be45"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
O8zlbY7jIHq4JYnVElXMu8B51FOvlgv0YTXfZoJ2ceiszqAQ-jRNrw==
load
experience-ap.piano.io/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience-ap.piano.io/xbuilder/experience/load?aid=Gr82HQx5pj
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2136077a84c6d45c78285bcaa88b35ebbc711993f2673d1bac2dacb9346efac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
date
Sat, 09 Dec 2023 11:25:59 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 11:14:08 GMT
server
cloudflare
age
711
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
832ce3fddb5837d1-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
6xoeid5two
expires
Sat, 09 Dec 2023 11:55:59 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 10:13:45 GMT
URI.min.js
cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/URI.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
970695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13131
last-modified
Mon, 04 May 2020 16:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf3-b370"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF1IyrmlUN73vcB63dFpLVn7mAnrUR0Kg90ytyR3TbUAgG4IQTjbq9JKT90IvtDMdvu5%2FQSKEde2K%2FN7qx94UtiPUwNovTOJBxT77ZafwW93OWYgNoc2yUoc2WTxXEq4DH4KMwl34gr0xKJe6qOClbJr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832ce3fa6ac91da4-FRA
expires
Thu, 28 Nov 2024 11:25:58 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2579375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15476
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c909"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpuPnrYKn4xa4B%2BlDoBb%2BHZDwrqHdLcLRxdaA8%2FhEQ2OEaJ6V9p0WMVFU4VeLbFSsDXPRVhkBvdPy%2BqKHjdxQXWzjEo6symvQcCtcU8PH4LnPwYoVSA2wfh2UvPvMhUQ3SbHWHQc4l7PudvYIRFskaDX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832ce3fa6acb1da4-FRA
expires
Thu, 28 Nov 2024 11:25:58 GMT
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1524905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQlzrBJ3Nc7zy28kNFHbQ8sGXRYkiK9q6wyswcg4YcpiVbpfFNm6oEbmE3NSt3kEu3jNaTFGjl64ek3An8Mjdguj2YC%2FSLIyHQlF2A1lUK8mZqvGkZYMJMCsOhjbVAtC1AEtirazwjtrSv0DvnFaqxh1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832ce3fa8af91da4-FRA
expires
Thu, 28 Nov 2024 11:25:58 GMT
js.cookie.js
cdn.thestar.com.my/Themes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/js.cookie.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
9uuOoJhuZtR5PqudHFYxAz77EF7flIiw
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2553
etag
W/"6e9eb1f53afb135aedaf90739c867738"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
mLz84DDyoGNamtEl2MmbN0P_MqqKvCkyrTCpoEWlI4H66jWq8O334g==
jquery.dotdotdot.min.js
cdn.thestar.com.my/Themes/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/jquery.dotdotdot.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
hAkLNIGL3rohYqiNd1Iog0CmHxxih5th
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9104
etag
W/"e7489c03aaea168ba084298955d7fb9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
NPbbUY9L5-pW0bbrUjJD6gMSrTBNmMsb_Nz2_qELRdxamUonyurVYg==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.12/dist/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.12/dist/vue.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2702232
x-jsd-version
2.5.12
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1532d-b7N+P+qNjCY0IJSHys6z84RECdI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TktN17s7vWKAiqXjO4KvQD8RTSCmW0p%2Fo28fDJ9QDqNAvpZ1hy7gLSASN7GZqr7MFp1fEMMRfbdmwzOyAQnQevBjIdvdS6AxWNSBtlog15T9RIoALHQen5xW%2BN2GYY11DXi%2Bv9lrGTW87diO9Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
832ce3fb59096957-FRA
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2195330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4224
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-3580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOcDynajCoQtKuniOH8d0cLBB48p8lVt3y%2F6u5qpklrub6UNSVO5Me%2BROfzKGN4Yy0goe44HJNyUTvnxt6hLDJ4lBG7eBSAGTlqFhDasgkXM4nyfe%2BB7rF3kU0T3xyXuqkKQfNhAqnqsseuYgZGfKTWX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832ce3facb4c1da4-FRA
expires
Thu, 28 Nov 2024 11:25:58 GMT
Main.min.js
cdn.thestar.com.my/Themes/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/Main.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73cb9e5cd7bbcd284f97701fb1706de9527e061ea543f535266bdfafab259f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
1KiQBWLRXRBg8HHlPxIpkk0hQ36gQC6F
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
last-modified
Tue, 12 Jul 2022 04:34:59 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6532
etag
W/"142b078b73c1d6496fe01b5fd27e8d32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TpInrx_UEV7VHXDwu0LhrWOqs8isY4qIrJPn6X8emko-4_p-DufHNw==
widget_mixin.js
cdn.thestar.com.my/Themes/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/widget_mixin.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
y9PpVJXd2Oxkkq3Zw.83CUlh1k4ay25d
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:01:02 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
5122
etag
W/"548632554aa77d76e34e3dc08ab3671c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
wMTKxyGiIFthraNnCZTUWBmH5V3Hm58KE9nd9XITHjQztqlBys1KGw==
slick.min.js
cdn.thestar.com.my/Themes/js/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/slick.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
oBAIRKEGoB7KIU6Csj.8nhVNzUkorXJ.
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2042
etag
W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
Vriw7zWuUs1RHYejEkAPAzZqctvg4LSn3MdF9LR-50mweN79OMN1fQ==
jquery.unveil.js
cdn.thestar.com.my/Themes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/jquery.unveil.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
1Fhcx_qG5J0whBMLGKTITGVNVu.uQj3f
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1759
etag
W/"4f4ed40e89655177903ad7eafdec4b05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
PQ42WrDwbmOu4gQDVXIYQxTc0Wu5REquQFsWvMTvCDRiyNe7hnqZTA==
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a375ef092ed0d7aaad2404496dcabd82434f6b50428261da9fc0d4f1cdd6cfe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 11:25:58 GMT
content-md5
s6K1PhvU5/8Wl4OYwz9nbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
x-fb-debug
y48k6hZWUrIlHY5BcmTomojsIrTbcDfx/D8z/9ndiY+fnNUDPwZhLZ3POo2szp2CpfKJ+iqHVJFQKu9NoZiduw==
x-fb-content-md5
b692946ea78e00447da2fc26808c3958
cross-origin-opener-policy
same-origin-allow-popups
etag
"4eb83559e7d8860a2b003e2a4dcdd38c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:34:04 GMT
owl.carousel.min.js
cdn.thestar.com.my/Themes/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/owl.carousel.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
91xkUJd7Bp9Lc31.TzW9M055eNZW.MwS
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2410
etag
W/"d93af4022365dfda42a48dd0ce25f2a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
z8lOcGJrEh_T-lfWic6xNOCACJEozJRRuVOgLLdUOGAAcsRr0JD_Lw==
parsely-onload.min.js
cdn.thestar.com.my/Themes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/parsely-onload.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
1DWUB0MLRA9Gin_ixr7MS2Yy_RpKtHx_
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:38 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
311
etag
W/"cf0b5aed788300bcd41cf265d84655dd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
FvDUD_odYdPul_JRs0oe3L8Sur8xEs7KrX2wVVS3wXcSyL1JR_XXzg==
mediatag.min.js
cdn.thestar.com.my/Themes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/mediatag.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
b0vOp9rRVixzOzR4Bf0NM4XxBsi8pwbX
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:12:58 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1078
etag
W/"bb66382c1748b25c891b9dda58d4f49e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
pIYNOa2i_K98QNkwbdkAtMvIflOp8_HDL0RDbZIsCCq6MAorZr_Aqg==
mediatagv2.js
cdn.thestar.com.my/Themes/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/mediatagv2.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0288f678cb4b106fe1b4872d6dee03f00c0a0375396e730c60637b3b1b2021d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Pl0lYtzWr0OBBFbTSsiNTQi9_PvN83Gj
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Thu, 28 Apr 2022 02:56:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2212
etag
W/"b698c443f9510f312dc87998b20da49b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
p7C8b1i244YUaPt1EYxoLpV8rKMDwiGhj5LFiZArB_kFva3AfioLgw==
mediahelper.min.js
cdn.thestar.com.my/Themes/js/ 		1 KB
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/mediahelper.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
HUI8bjkjkMsvDB1fosoXf3g0O_f3RwT_
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:46:10 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9894
etag
W/"fe91adf3dfdcbd82bfc8d88e948a9356"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-D7gyqNJiVOwhdRXhuzJ2c2sWjZh2zqz4RLpOkmdMD4mtSPLQ4hWcA==
widgettop.min.css
cdn.thestar.com.my/Themes/css/ 		355 B
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/widgettop.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
6LdMa_qUjKDTJSqTM9TkvNfEg3XGMDcu
date
Sat, 09 Dec 2023 09:35:58 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7925
etag
"d4d7dfa253b7eb381717d2d49bef8b6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
355
x-amz-cf-id
TOqYRac8xoim3KOjJ6EBdGIl_icJaeg2rzYFaX2G4aI8xyZFuRe94Q==
widgettop.min.js
cdn.thestar.com.my/Themes/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/widgettop.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
AkiyUjdvcgUq1yi0xs0KA79p__MQh0HQ
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:46:10 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9782
etag
W/"ab52bf3882cd9e5f3a5ba5d6a12f30a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
FqunUmKjod7AGZcIZGgIDwd_KBiP2MwMq-FGLywIYno9TlshekdBdw==
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.162.56 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-162-56.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 11:25:59 GMT
server
Oracle API Gateway
opc-request-id
/DE9AF0A3DF463A7D28F824F047B84454/6A87DE579075FBFFD95E48D0C6F6E060
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
sharethis.js
platform-api.sharethis.com/js/ 		205 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-80.fra56.r.cloudfront.net
Software
/
Resource Hash
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:22:37 GMT
content-encoding
gzip
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
202
etag
W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
9-0bLbxTLa_Sm_n70Vw559_MuTRVl1QHNC5kXBvS0buJm3-Ip8gvTg==
sharethis.css
cdn.thestar.com.my/Themes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/sharethis.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff7ca8299855a7931502a7ccc3d5eba865a0574eb1b6fdb5d0f33b384d01f1e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
nbimMsyeldu8MHu0a_Pe.6D5tjEOuLvY
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Wed, 31 May 2023 08:06:39 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8943
x-amz-server-side-encryption
AES256
etag
W/"2542b6f8699d43ce6c5416395c0ad996"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
xJQ806BarHnAYRxFoA3yDva42LJkEl-dwPTV0iuzyygStpa76oLa7w==
article-details.css
www.thestar.com.my/theme_metro/widgets/article-details/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
362a427be5650fe06b6226baa3a95bacf5288caaccf9bb64922babb96b363c85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Feb 2023 00:50:11 GMT
content-encoding
gzip
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
last-modified
Fri, 30 Aug 2019 03:42:44 GMT
server
nginx
x-amz-cf-pop
DUS51-P3
age
25785347
etag
W/"5d689b34-7df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
eD937MO-OB0a5wOUbNjji-X65TWLrP2YD2tDCKMiDXYUofkNjvLdnA==
expires
Thu, 16 Mar 2023 00:50:11 GMT
print_v2.css
cdn.thestar.com.my/Themes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/print_v2.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df08ea48bfba8931db949e335892074fbb5c5f947c4b9d7a2cf84174ca78019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
KwC9Uxlv1PIHTSeuo2BppqPQG0_eQLJT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:12:58 GMT
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1064
etag
W/"a0dc4bc68d133c730c0c5840dcd1dcb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
ai9DHLYFp2UG0Go2lxEvPP7I6cAFa4QnAlc5kUBgIBVRorcjP4EpbQ==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
25ddd86f5287d140be6921358b86bc0577b4e434dc0c92adf5537b07f8a7692a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:25:59 GMT
Content-Encoding
gzip
Age
711
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27594
Last-Modified
Fri, 08 Dec 2023 15:37:51 GMT
Server
ECS (frb/6795)
Etag
"f97cd33462674ffa90e36fef4d921711+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
story.min.js
cdn.thestar.com.my/Themes/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/story.min.js?v=20221020
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91021483719d4c5d07ae21f70854246ba3ac3ba28e76445a97481a9e1b752820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
OA89dX4y0i6qFGjmTT8EYeMPvcb_VcuP
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
x-amz-cf-pop
DUS51-P1
age
8224
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Fri, 08 Sep 2023 01:53:52 GMT
x-cache
Hit from cloudfront
last-modified
Fri, 08 Sep 2023 01:53:57 GMT
server
AmazonS3
etag
W/"55fe3204b2c9786bc0ec7bef640fbe1c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
JUGza_1s2w9nEoQagcX_ha3zBIbibDvPstd6Z9y1Fn_zBq9kHikOoA==
trendingParsely.js
www.thestar.com.my/theme_metro/js/ 		3 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/theme_metro/js/trendingParsely.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
839891fc3b87451fb81530b4e017cc54e7c87ec5cfc60808ab178e040856419e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Feb 2023 01:45:05 GMT
content-encoding
gzip
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
last-modified
Fri, 13 Sep 2019 03:18:43 GMT
server
nginx
x-amz-cf-pop
DUS51-P3
age
25782053
etag
W/"5d7b0a93-aac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
auxUPkCo-Q1ZZuV81Vhq_rlUZ7W3EiLHyDn50M_C3Wr_roxCGSME5Q==
expires
Thu, 16 Mar 2023 01:45:05 GMT
close.png
cdn.thestar.com.my/Themes/img/ 		563 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/close.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
oh5atXrQlnGzmYKMe0FMd8_aHZ3eX2lz
date
Sat, 09 Dec 2023 10:50:04 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2509
etag
"3f435ca1cfc6bdb9cd5fa80a4bbf782f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
563
x-amz-cf-id
U-FFGPEci4KrTT13yB2a4XPemhQVGigMyqzsqZ18IVskfzReWgF8Sw==
navi-selection-revamp.js
cdn.thestar.com.my/Themes/js/navigation/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/navigation/navi-selection-revamp.js?v=20191107
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Xgkepuq2ZP4xhniY2q2qEC2fXiNjsxtR
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
last-modified
Fri, 02 Oct 2020 03:25:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6028
etag
W/"05a862eb21f9c8caf895696ef1f910bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
vGPiKXbwfASTgDLtZkNdcNUkinzuXSP_ZkuQQ_-Rbr_rzRIfdM6U0g==
jquery.mockjax.min.js
cdn.thestar.com.my/Themes/js/auto.complete/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.mockjax.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
yML40Dwy7cpBkYZgqvzVNYbVA60KAgRX
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9154
etag
W/"9ece6212dc680985754b05aa60c8e93f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
AeYumMeaAnZYJN5SbBMzUtBVIjsxh2d9IYYDWYEipte0r07u0Pzijg==
jquery.autocomplete.min.js
cdn.thestar.com.my/Themes/js/auto.complete/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.autocomplete.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
mQkM_q5GT_pIjmvvnEcIoZj9O0dEgdVs
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2742
etag
W/"bbeb164fb98847e6aa277d13acc0b845"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
gJU8cF8cKNait1h7CGFHRYIVT5IcFmb-46a8bmi2SZrbs6mQdKMcbg==
stocklookup.js
s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		148 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/stocklookup.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9f684d1033bd9fdcfffe601e3ef557d9b99589ad4716a235c5bddba5b94336dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
YUQwOD_7eTuNdpF16rUQoYgA83VF_m9N
Last-Modified
Fri, 08 Dec 2023 01:07:10 GMT
Server
AmazonS3
x-amz-request-id
NYA1K2JW3XW5E3CF
ETag
"01e57c94f28ddbbf1f7311c4af230dc6"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
151918
x-amz-id-2
52c8oCFSOT1Uc7mwxo/RCWEXP958FwnzLSQ2X0RyNZyJsCxDpcpo5gwvfntDsnP2GvFwbtLWHAw=
search-menu-1.1.min.js
cdn.thestar.com.my/Themes/js/auto.complete/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/search-menu-1.1.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ADs_LRbMGQrRKgf_H0FFRDpMK5UzUvHm
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:32:36 GMT
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
4815
etag
W/"93c40729a04be6e873673e3df9485ae2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
mVMk-YxHiStBuVZacUvb1o-1gkl4LGz_mBACHP2NKWmOw0rVwvezEA==
gsc-widget.min.css
cdn.thestar.com.my/Themes/css/ 		1 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/gsc-widget.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451fd516e30a2c9f8540ea8147bf0562674750839aa967147189fa7d3cae22c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kGC.90mrgmWnDOcE6kUKtpr6rVwh368x
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:26 GMT
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
5989
etag
W/"5a9c2439e593f7d47afd523effc0e939"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
3CVU-YKiHDASM5bqgy_6IGw3nEsB_21RuSIgUCUIVUzaIdDtPuCUkg==
2346431.png
apicms.thestar.com.my/uploads/images/2023/10/20/thumbs/small/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/10/20/thumbs/small/2346431.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a59d995aadab3fc7910a394622c3ea6f99bd0f8dcd3db076912bed68430ee27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
I1w31zbh9sGPi6ADjNt00mcFfjsid6YQ
date
Sat, 09 Dec 2023 11:26:00 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 20 Oct 2023 11:52:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"8c8ecf2884a785928f4028c7f330f1a8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
103754
x-amz-cf-id
p9t4msRC1eqPTgkrWA3bByKNlOqtPINYek8plq6dIfUKrn4mj7-gbA==
interestNewsletter.js
cdn.thestar.com.my/Widgets/newsletter/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Widgets/newsletter/interestNewsletter.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e70bd9071c2350f81142190c4d941172ac234d48aeae57fd5394b25a0540906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
OjZNLudCo4JbUssRY4vfOv5g6UN5QdLR
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Mon, 09 Jan 2023 03:41:19 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8663
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 09 Jan 2023 03:41:12 GMT
vary
Accept-Encoding
etag
W/"06ab8c4d077ffddbc44b08ab9243f33d"
content-type
application/x-javascript
x-cache
Hit from cloudfront
x-amz-cf-id
SPguk4X3pGf6pkOqGaY3e9VVfplsQ0n2thV8BIOrlMc-s-7T6Bkg_A==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
abf38237f2fa5445aa0ee0104d11b861f15dc994a35f3dbd52da71f7a6f810bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 11:25:58 GMT
2390315.jpeg
apicms.thestar.com.my/uploads/images/2023/11/16/thumbs/small/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/11/16/thumbs/small/2390315.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4593696ec37cc5a9a49fe37b889c46daea4fce218b141cb2af823ee7f8ba9846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
YzuIVb5EZm46UEv.1Xhp_5UcRYGWtWj0
date
Sat, 09 Dec 2023 11:26:00 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 23:22:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"899288a09688f984c8ba15a0860e31ec"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
11058
x-amz-cf-id
dFrz8Gtj0QEBbmnqn-6nPpgvQ8TgUzpAF4UliP02yzE9YnbES3eK1g==
2363203.jpg
apicms.thestar.com.my/uploads/images/2023/10/30/thumbs/small/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/10/30/thumbs/small/2363203.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f644c16962f0ca43d6586dc214ecfeba47b2b79d1661ad9b22f4c05180a4c9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
aaaWMZYytMJReq31.x0k9iPqahaOBO38
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 09:59:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"bd53f1040a498c77f9176c70c0adb38a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
12586
x-amz-cf-id
0Hn24qx8bj_RVw13ATO4ooivMBRJf02nJmLzxE-kafBUQ7q8nTs_IA==
slick.js
cdn.thestar.com.my/Themes/js/ 		85 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/slick.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61d0e86849b6dabf198e30c022f56b838137807ac8429f6caf0a9bd844cfa126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
M1UUCXgbifGYen3fSN4gPuaUneQd11UO
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:47:59 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
10180
x-amz-meta-cb-modifiedtime
Fri, 25 Aug 2017 08:37:13 GMT
etag
W/"0069cd26e05883ce7beecc9dde8a8dd1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=604800
x-amz-cf-id
ZjKFFMi9eoSPSTi5jVWQI05gg-9EEnW2ZZ30oAiwVOLcOj-a3Lxzwg==
trendingsection.min.js
cdn.thestar.com.my/Themes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/trendingsection.min.js?v=20220712
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b27c44f08b7a1ce81289c9ba4d166a60c76c64d8ac6fc961f7dac6ec6fd8630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
8X00dZHolLG9a02XAuT395.CiYrgNaT9
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Tue, 12 Jul 2022 04:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1690
etag
W/"537bca3f141bf8d107f996ca74981409"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4SKD4No82VBy2qlNp4ppozelAlhyoQPQmBMQ1QWIc7s5j64b7IWF3g==
api-widget.css
cdn.thestar.com.my/Themes/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/api-widget.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64cdddb35db99e4199b6d4148c877312459b50ef411c39dfaacbba8c7b038c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
.1NnNQZJZ9zukV3ITMZKMXR9WeaK.fcc
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:38 GMT
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
362
x-amz-meta-cb-modifiedtime
Wed, 18 Sep 2019 07:51:48 GMT
etag
W/"034d11f3ae1aa010bdd89dff628a287b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
H2C-3PDW3NvMc0nDsDaxoMqptFJI77ZyDj5M6MVQsPWf55ysI5CHyw==
HazeSponsorLIVE.js
cdn.thestar.com.my/Components/TSOLHazeApi/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TSOLHazeApi/HazeSponsorLIVE.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9caac2c9fdc1c8e68db3a0fe848f0d1c01b1aae34ee7816f0bd87a816d18086b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
QmCiPnr4jkP.mfe8cMv5MgeKOiT_IVr1
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Fri, 13 Oct 2023 02:45:28 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1696
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Fri, 13 Oct 2023 02:44:26 GMT
vary
Accept-Encoding
etag
W/"a6b1ffdd1ae96480d9bc32249fe5586f"
content-type
application/x-javascript
x-cache
Hit from cloudfront
x-amz-cf-id
6n6EcXkIIvKprQ_rrLqCgf2H3LmHgWQpStcEdYZRwIAGc0_gMan4qA==
outbrain.js
widgets.outbrain.com/ 		238 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4368d7f6a28d98ebd26e392505e54811e2038e5d68238f64ea0a30c3000e521a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:59 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 09:57:52 GMT
etag
"23-tN465MiMhzyzzmluhkWll/k9ezQ"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
2f3a3cb0726b1a3ed55fc0b88203953f
timing-allow-origin
*, *
content-length
87835
access-control-request-headers
X-OB-STG,X-OB-PRD
recommendedreadingarticle.min.js
cdn.thestar.com.my/Themes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/recommendedreadingarticle.min.js?v=202207121
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3879c31141ece6c5af7025b66678e73d4e1a843544ac4056891bfb7eab8f002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
hWZzYirgcpccw2M2E3NMJxIc_sjze7f5
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Thu, 02 Feb 2023 10:52:39 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1383
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Thu, 02 Feb 2023 10:52:34 GMT
vary
Accept-Encoding
etag
W/"a42eecdb8095e77530655e775c7c0b6e"
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-id
mzsXrys5h5NvxuienzMjYDciNlGUXLlY615M8lr3AAC6K9L_8FPnHw==
chartdatetime.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/chartdatetime.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2c5829f79a7576da3305c2251341a0a8d9c59fa2f90fa4b0d5f19c0bf3754f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
LNYIKmc60YmxTtVAVLGMJ1S7FM9Vgf_1
Last-Modified
Fri, 08 Dec 2023 11:05:10 GMT
Server
AmazonS3
x-amz-request-id
NYAFS7QZJQCBW93T
ETag
"d97e48464c8ad3527967ef7363af6eab"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
1546
x-amz-id-2
kNrXoiQUoQEDf92iLt/GSHFPwC9nMTYA92SEF6yH5dObZZq6ONUgtux72TKDDAIx+U3gdHv5o9U=
jquery.jqplot.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		168 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6f2d79e83c8e873bf5c9ca48819c3bf85ac03659ab34764ca0857c60e0b23e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
x-amz-version-id
GBBRuvPJ6axKW25UnMQZIZI8IL_ZXtAe
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
NYAF7A4PMFNPP1Q9
ETag
"34a02ba47f73853b0abee59bcde46861"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:16 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
40802
x-amz-id-2
+Eh6BGa15Zu8aVX33TVdqa/GblQl7xgoZLimQGwLp2FDfFUYp0zR0lcWITngs2u8/FgQbrg0fvE=
jqplot.canvasTextRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasTextRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8cc16df9139267030b4faab035b18687532f0534b2bd244357cdc92ade62c7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
x-amz-version-id
bXOySgiYGt4ExqDTFuO3yLV3VSjlMmj9
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
NYA7QGZC7F1XW71X
ETag
"40ccd46d588ec5f2bdcab810ccc560ea"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:52 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
3624
x-amz-id-2
0T+IL0RgVbzAH3x+LHhfQ+oTeq4bzdlwh+LNzrfFFQu1MGnwoYXOkL6Fitdn42UlKgIBLqGSZy4=
jqplot.canvasAxisTickRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasAxisTickRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
73eaef684ed4118dad4828f6c72ab096d28e9f4629540ef0f0695e0bed57c854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
x-amz-version-id
DDqNr4cor1Y0wowm0KNS0YVT8vPUCmOm
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
NYA5XHE9K1JRGCW3
ETag
"58707dba2234ad48407ecf8be547a8a8"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:29:09 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1088
x-amz-id-2
7vJEv1JosRg0mIBVQeSwyxEEf9em5F+uVXn/9nblxk84nYkmm0iInXu6ZyGVzvdboUVieGgUqQ8=
jqplot.dateAxisRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.dateAxisRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8221ceca59482880db172a9978526d9dd2a894a8c918232d4ddfe8989892495b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
x-amz-version-id
TNtxhcaCLEGA3wzUEK.W9f5OpdVpr.XP
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
NYAAJTB804TGFY14
ETag
"100bebdc1dd34da0492542ab2c0afd10"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:44 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
2762
x-amz-id-2
un3Ar889GPLIjfvdBVLfo9E111g1aHnANA3JVJWP4BRwvSF/cboDJbFYOiFywqXzGKYlS61P4k0=
jqplot.canvasOverlay.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasOverlay.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e4a89d9588799e0cf2c929823609717c593964608447f3307144505d530342a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
x-amz-version-id
VADRCRedFvW6IHYOBIg5ulkEoqq3.Ls7
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
NYAEFFK61VXK5QSF
ETag
"3b7c16ee47e08089c254d2dcc177be70"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:29:01 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
3003
x-amz-id-2
oagBTKdTNZMWL17eGCkrtR1YvYgBHaOWePNGQMOSxA+/TQPHjdy+kL0jnG1Upm0w756wv9tN28s=
klciside.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/klciside.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79c97d4c0c9a85281c12061d93149696a76eeffdcc1de3475c5c1bfdffb7beb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
J0lhCdsuzL7N_0K032ZhADQt13sU8bQO
Last-Modified
Mon, 23 Nov 2020 05:07:39 GMT
Server
AmazonS3
x-amz-request-id
NYAD00FSA14VM9T7
ETag
"2f73ec58eb2e005dbbe9fead55e75479"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3876
x-amz-id-2
1P0amZJJ/i4FHMWY/hMYcPKqKRF9g0w0hU3ES+YSID7AZ+OUNSZogXKL0G6JWpT7vACju7lsy0I=
plotchart.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/ 		1011 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/plotchart.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
312ccabde69942b8c1f22893e7a20c9fa6e7af20a95903a8034f19e7b4dddea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
Sasi7caBnHUkVipIaB1Yqe8zKqfENV26
Last-Modified
Mon, 09 Dec 2019 02:07:32 GMT
Server
AmazonS3
x-amz-request-id
NYADWG9MAMQ24RXC
ETag
"aa287ab2f08a033baff8af19ae083248"
x-amz-meta-cb-modifiedtime
Tue, 01 Dec 2015 00:02:11 GMT
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1011
x-amz-id-2
qdq/yNZMlNw35RoXyAgnSSfj3iplC7orHRigCj1deXS0rYGUFCMYb84hGwFzaKG5PeAHw3/kWro=
top15active.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15active.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c97f0ca756712d1afb4c1c8c7b7028bf7a8b2e9da6edd3c2522da52497f299cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
poKj4IPH2VbjXY3BSiGZt7Pf54zK.GoM
Last-Modified
Fri, 08 Dec 2023 11:12:22 GMT
Server
AmazonS3
x-amz-request-id
NYA3RESKTQVD5S4Y
ETag
"c2f2235ad3f0ccde07fc46d015872380"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
3543
x-amz-id-2
OtjUO9OXG0WRY/u0x1bSl0dtpw2967fCX+McFqoT7Zh64Z4V2inecCZd624mW3zQq58gtWajaUA=
sidemarketmovers_v2.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/sidemarketmovers_v2.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76ad0e3d81d44aad912b8dd9a1aa81a76e1c5c501ca3a6aba6d7bc520f42240c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
tOC78Iou.fgjI1wwRMVtqhJGMVx.oicW
Last-Modified
Thu, 16 Nov 2017 01:54:12 GMT
Server
AmazonS3
x-amz-request-id
NYA6B8E6DQ87SMX1
ETag
"ba9fde07be1f5a2596d0ee536ce41ea7"
x-amz-meta-cb-modifiedtime
Thu, 16 Nov 2017 01:53:03 GMT
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2101
x-amz-id-2
KijSsbrGDwJe9sanKYZaiY6LYzgOuqazpOZBGwC73RSA2WH1gR4rONfcCW/ayxDsDKuPuRp3Hso=
global-bar.min.js
cdn.thestar.com.my/GlobalBar/ 		2 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20221101
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79cb6caab9e38d348251a2dfbec1f7c33af1f0ba4fa5e90c72ea834f62db1449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
dFGKePHTeJfDG03z2ro8KmG7fa04Ryjm
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:46:10 GMT
last-modified
Tue, 26 Sep 2023 01:19:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
10450
x-amz-server-side-encryption
AES256
etag
W/"9f6665dde212b9e06092a02ed0907bee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BIJDGu1_CWSZG61KyhW9ONtkAs_MzqWjPLIv2hWHOchvR6ImYCw0Wg==
bootstrap.min.js
cdn.thestar.com.my/Themes/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/bootstrap.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
t4hMdTiZici9FqL_hKTCNOgWrk2xRcD2
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:35:59 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7257
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
YBgwFRYWTON_GHQdYaOg2YYx9jcIQCVnxS5AzarDYkqUBzxlCxdoFA==
bookmark.min.js
cdn.thestar.com.my/Themes/js/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/bookmark.min.js?v=20220330
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b30910deca4b261b30732f807a9b6f3a9e6f2173abccc1c9becde7a220e75563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
csPYt8H8IRnMnBWpjLR7wrWWInQi6yGy
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:36:00 GMT
last-modified
Wed, 30 Mar 2022 02:53:18 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7905
etag
W/"f323360243860f86031c5027ed9f0562"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
nCG_I6wAAthHIxCyIcVgDom8a2pHiAcE72gsaJfDMEX29ekTCncRYw==
loginstatusV2.js
cdn.thestar.com.my/Themes/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/loginstatusV2.js?v=20230105
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3413e334fad2fba09a65df41e90726442670d3348d386a906b575bc6ac9665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BSsWnAt0U2SOLzvEkrcisaSNa3LtNY4a
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
x-amz-cf-pop
DUS51-P1
age
1759
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Thu, 05 Jan 2023 01:59:16 GMT
x-cache
Hit from cloudfront
last-modified
Thu, 05 Jan 2023 01:59:20 GMT
server
AmazonS3
etag
W/"4feb7d177fd706ce30f82e8ccf5d7690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
IcyC4hXG1aKT1vZUfg6v0jU-1u-TFnMleBa3Nfcq51LVvEDYERA0Zw==
rangetouch.js
cdn.thestar.com.my/Components/Audio/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Audio/rangetouch.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
SncXBizfzGgqFTTIKV4OY0WbJjbfBIUK
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:22 GMT
last-modified
Fri, 02 Oct 2020 03:23:27 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9105
etag
W/"3d0c65f1a02e9c37f8151823305fac49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
J0-KQmlQFmfE-asbi9LjKs0O0U-96EO92dM9WlU-Pouifd28XH-iIA==
audiov11.js
cdn.thestar.com.my/Components/Audio/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Audio/audiov11.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
MyE0S7wRqEofYd4m5t_f9MFpkuZ1q._c
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:26 GMT
last-modified
Tue, 23 Mar 2021 07:31:48 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6038
etag
W/"9e21be23ac165d96439e5fa5b53ebbc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uKolP05E2nZXpUik7coykImS6kuRqVbsOZzXUgeknfhKOOjnELJhVw==
lazysizes.min.js
cdn.thestar.com.my/Themes/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/lazysizes.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ecK.TIVb9okgvRXhj4mOs9F095sYYP3F
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2856
etag
W/"3150bf538edc0788afd7c673a0c5dfee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-reAqlyL0D636AwHaffsMhg874wxWYwloGdX46k5_EY3-xTVDnVGKg==
script.js
www.thestar.com.my/theme_metro/js/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/theme_metro/js/script.js?v=20210315
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b67ff367a760584c24979455c2164a16189fb9eda3be40564caa3ec93b71ef49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Feb 2023 20:07:34 GMT
content-encoding
gzip
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jun 2022 07:51:16 GMT
server
nginx
x-amz-cf-pop
DUS51-P3
age
26407103
etag
W/"62aae0f4-9f7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
-g_-AJrE64b4uT79F0MKoYuGUPFEAVEIfrfooFUnO0DiXOWC7sggrA==
expires
Wed, 08 Mar 2023 20:07:34 GMT
anno.js
cdn.thestar.com.my/Themes/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/anno.js?v=20201130
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
OuDkpiwuPGW_Q4zrNCpISbqT1sd95PIt
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:41 GMT
last-modified
Mon, 30 Nov 2020 06:39:37 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
263
etag
W/"b879d81b10441b73e051d05ff6f260ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
604800
x-amz-cf-id
QCsa3TK19_yfFjVm2Orf7bEpuoNVOngiZIE-XtLbxdAzprp7YJ5NCg==
anno.css
cdn.thestar.com.my/Themes/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/anno.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
IYdciccd_JNS28aqgJlMBoSXxrU06r2A
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:03 GMT
last-modified
Wed, 18 Nov 2020 03:20:26 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2410
etag
W/"1729e7e979d354b09b68b9ee92c30ed5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
604800
x-amz-cf-id
8kyj2BBijimEStxYFcZ_tWcAjZVM_IeN4Qfx0o0Y0l5z3168MrFUHA==
userTour.min.js
cdn.thestar.com.my/Themes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/userTour.min.js?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
pkk7sT48scecda5qmWoyb0i.tvcRLuw2
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:53:18 GMT
last-modified
Mon, 23 Nov 2020 05:03:43 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
10473
etag
W/"eb2cabf0b74693fdc24dedaf1fd53c9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
604800
x-amz-cf-id
b4nJzQrOnYF7_VDdSkzcOp3MgMnGv_dUegbP8xlZ09lSOOcyuNQpFw==
flyin.css
cdn.thestar.com.my/Components/Flyin/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Flyin/flyin.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
evw7KHSrtiPtOJ_cB9Mj.lS9SfYJ4IAS
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:41 GMT
last-modified
Tue, 15 Jun 2021 03:33:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
263
etag
W/"cacb78daa8eabcadd3288b939abb913b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
GbLDT7mz-dg-PpbDavsEznnSLIGIMhEx-hHNSyS_A3AAzc0XapdB3A==
css
fonts.googleapis.com/ 		1 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0237376c93777aab26c4ccdb9e5c4a7c27bfe517da39a0a626d3d54044ce23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 11:25:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:25:59 GMT
times-solid.png
cdn.thestar.com.my/Themes/img/ 		195 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/times-solid.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kAFO.STgsqhnKgaHPEgDJWsM6I..4uJG
date
Sat, 09 Dec 2023 11:21:42 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
363
etag
"1e6a99b6d4f0f30e2275083e00cc8aad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
195
x-amz-cf-id
GAmzX10gF3MEtCMra0NBUrw9fOOsOiwuU7wVnrYQIjg1BzL8N2duBA==
Flyin_20230621.js
cdn.thestar.com.my/Components/Flyin/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Flyin/Flyin_20230621.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c994adf0acfb8d95423531152c6b1f96f71d2963679c161800528d6639be4ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
1RRWDSfzcTNOUBN_9N_3z5xpENzGZJrC
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:27:53 GMT
last-modified
Mon, 27 Nov 2023 08:39:47 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
10748
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 27 Nov 2023 08:38:38 GMT
vary
Accept-Encoding
etag
W/"19098933e5283f0b71230d82234faab0"
content-type
application/x-javascript
x-cache
Hit from cloudfront
x-amz-cf-id
pZXW0zauHdCYO2APvACIeQULnXSKPdEsRXO1ByOQ63xrxVrX7ZupVQ==
Icons.js
cdn.thestar.com.my/Components/Icons/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Icons/Icons.js?v=20221115_2
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02a72617250298397a470d0c8d32340bc6deb9e6aa0db71d49707ad843f80385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
L_PoxvHKB_5PZZzsdA5M0b4vgd2s7FR3
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 08:53:18 GMT
last-modified
Tue, 15 Nov 2022 03:49:44 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
9224
x-amz-meta-cb-modifiedtime
Tue, 15 Nov 2022 03:01:11 GMT
etag
W/"502030c3faf05d3166e240b62ba4faf5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
hV1CZAffbioXrrRV0myMHI5J-On7IQ43TuGX5etd64hKB1tdPBsPkA==
queryly.v4.js
www.queryly.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d36950a34495f0f28ecbf33c0937806c1c2ace9f541cda5a017682cb01a54d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 16:22:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
60
etag
W/"08b5d867224da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reO%2FjNgnC%2BedIRb%2BaEhiOyGnfXX8KFZf%2FwcWxDowjjWUrzqOeoF85QNVTHB%2BdvmmlrKHD3E12iQscsR6mutQ3kmi0ICBqQ0%2FsqDNveUDhVSGLvQnCAY5f8FYMDdICKdQZwwFnn9kHaqKoIP69A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
832ce3fcf9302c76-FRA
smartechclient.js
tw.netcore.co.in/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.netcore.co.in/smartechclient.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:1c:47d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 02:09:53 GMT
Content-Encoding
gzip
Via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Jan 2023 16:31:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
33367
ETag
W/"04ad8e816f76434405b913fe1b6f1a9f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
ILUtq8CGAnKLIwH-TzpPqT9vCEOGTKBJj99hJQOLM1_30Hl5t3hwJQ==
article-details.min.js
www.thestar.com.my/theme_metro/widgets/article-details/ 		620 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6df2b3acd9ea4840aae415eff31d7504ffd5cd1735b8cbc0cd7ffc3b3429bbda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Feb 2023 23:47:55 GMT
content-encoding
gzip
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jul 2019 06:35:12 GMT
server
nginx
x-amz-cf-pop
DUS51-P3
age
25357083
etag
W/"5d301320-26c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
NUvUgEYfcNltIB1YqkIfGOC8JbI2FFXGATDftygxP68m4w9LFnvTxw==
expires
Mon, 20 Mar 2023 23:47:55 GMT
responsive.min.css
cdn.thestar.com.my/Themes/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/responsive.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83d4d300e3f0d88d13709ae92a55f60c9925270b1c9858d2d69c088c32b26e67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
CJIOWps.D24iQUDVpj4.4SqVCY03MBH4
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:35:58 GMT
last-modified
Mon, 10 Apr 2023 07:32:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7904
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 10 Apr 2023 07:30:54 GMT
vary
Accept-Encoding
etag
W/"b0915b6c52a88813192994aaa9feacd1"
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
q2Neq_dI341qFqeDreAy2kNaraxp8jNtyq3RNYHrVaHzsTsF3cwNxw==
all.js
connect.facebook.net/en_US/ 		304 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=c77af61eb7e0a6bf353407ecf3c12de9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1bcd63cdb7dd95048eac4505aadee6b6dfe2d37f5c6d71d530d7534310ecb00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 11:25:59 GMT
content-md5
tDSgR1k2AVZfQ2VYCzvkVA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87805
reporting-endpoints
x-fb-debug
KssV/48JSfWzlzjOM3aALOHMOVKA0NzwM6gTPX6ED/5CO4C6TScbsvsQYTVWYwroxhQnLcHPOGo+hz/YUDc9nQ==
x-fb-content-md5
6d30f86e81263e98990a492bfd22b579
cross-origin-opener-policy
same-origin-allow-popups
etag
"252e239561b3c7788fad0e42d98ca0b2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 08 Dec 2024 10:55:02 GMT
NewsStory.js
cdn.thestar.com.my/Themes/js/gpt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/js/gpt/NewsStory.js?v=20221208
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abe6cb4063ba725e85046eb897827e93f7fdc9d9343e10f49118aaf06b9aad7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
nD11tjymc.swErYcFmbjb6Ln9mJywCXw
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:50:15 GMT
last-modified
Thu, 08 Dec 2022 03:35:31 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
5745
x-amz-meta-cb-modifiedtime
Thu, 08 Dec 2022 03:35:17 GMT
etag
W/"32c59d51c2a21cfd753001e367d3f0bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pvI-j_X5NzcAM0-TSbIKd0EXiJemunR9FAYBP0P4MQ6iNajPD0Q_ww==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161329/8028/ 		533 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/gpt/NewsStory.js?v=20221208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
917ebb454a1a2285d716e780e148b4ec57dfb129aca81c53b3be1449b4126135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:59 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 17:47:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22768
accept-ranges
bytes
content-length
154653
expires
Sat, 09 Dec 2023 17:45:27 GMT
logo-tsol-fullv3.svg
cdn.thestar.com.my/Themes/img/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/logo-tsol-fullv3.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88b4299cf14bacbfec3ff53fc588f47bf703e1adab3302b3822c139141103e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
4b.4Vc3JRoGada0RdoMeL8SC8ixwP6Hv
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:09 GMT
last-modified
Tue, 11 Apr 2023 08:58:37 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1655
x-amz-server-side-encryption
AES256
etag
W/"1c0138d7bcfb9bc33c71e52bae623091"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
phVj_BX-UBM9hA3aDZ2SVcQFGYgz49YjSEZEOOg424JCh5g6RDdSLQ==
tsol-spritesv5.svg
s3.ap-southeast-1.amazonaws.com/cdn.thestar.com.my/Themes/img/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.ap-southeast-1.amazonaws.com/cdn.thestar.com.my/Themes/img/tsol-spritesv5.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20231025
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b89b9399e766fcf3502d08d89bbc6c538c646aa9ac2f01d373a2681fc86dbb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
pXXcKy6myJCpv4tQ3pPQkFqgpF8Hezvi
Last-Modified
Wed, 25 Oct 2023 01:39:30 GMT
Server
AmazonS3
x-amz-request-id
NYA2D71ZR3VG6AYH
ETag
"8aa8cb33819d571ca08f8829fea31e37"
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Tue, 24 Oct 2023 02:17:05 GMT
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
255080
x-amz-id-2
f8xVUQXRQt6nJxzRRw8eYsjArj6Cn9vEwsyqhy2HgUWH32t6X9+zsKuarqmNM1uRI+vuTwKF/58=
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:16:44 GMT
x-content-type-options
nosniff
age
144555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:16:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:34:04 GMT
x-content-type-options
nosniff
age
75115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 14:34:04 GMT
tinypass.min.js
code.piano.io/api/ 		385 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.piano.io/api/tinypass.min.js
Requested by
Host: experience-ap.piano.io
URL: https://experience-ap.piano.io/xbuilder/experience/load?aid=Gr82HQx5pj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-16.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e357163c958601d3eaf9f86dd641ab5c929651c8a01ef07337c5150d1f04ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
x3nC6PLrTHuxwUVowxPWLp97oToE5SxU
content-encoding
br
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 07:52:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
age
12839
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 05:31:06 GMT
server
AmazonS3
etag
W/"047979a503352eef59ec22854bbfc21c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400,public
x-amz-cf-id
bSIZhlsN9QJvHOT2PboXz_l0KMl8zIHQYa3q7ZePYSMbeKs3GyLr8w==
6475dc6e8b790100199499d6.js
buttons-config.sharethis.com/js/ 		641 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/6475dc6e8b790100199499d6.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4386c7d36c2e81e3f6948e27c554656193263a2b0c099b3a6721103cc3ad4a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:09 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C1
age
51
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
641
last-modified
Tue, 30 May 2023 13:06:27 GMT
server
AmazonS3
etag
"9212e64e434a916c01823b0f95eee7ee"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
iqg52XOgqpibJDGJzQ3R9teg7l_fXeG7I2kGqtb-f5HT9RQKrVwipw==
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.thestar.com.my&location=%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&product=sop&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&cms=unknown&publisher=6475dc6e8b790100199499d6&sop=true&version=st_sop.js&lang=en&description=IPOH%3A%20The%20body%20of%20an%20eight-year-old%20boy%20who%20was%20feared%20drowned%20in%20Lubuk%20Gelap%2C%20Simpang%204%2C%20Tanjung%20Malim%2C%20has%20been%20found.&ua=&ua_mobile=false&ua_full_version_list=&uuid=c91ab68c-d5dd-40eb-98d4-11b83843ebb5
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.91.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-91-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:25:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.thestar.com.my
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/js/gpt/NewsStory.js?v=20221208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab70c1e2bd9c3150679be978f9b9064d835f6f6a1ace889f26b3e60177f7124b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29549
x-xss-protection
0
server
cafe
etag
251 / 19700 / 31079992 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:25:59 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:25:59 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:25:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Sat, 09 Dec 2023 12:25:59 GMT
execute
c2-ap.piano.io/xbuilder/experience/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2-ap.piano.io/xbuilder/experience/execute?aid=Gr82HQx5pj
Requested by
Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0fa1a90db008638030cecbd7343b2ae871027d7bf6b65c5dfce5c7e7a5bf2b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
d18t5k5an7
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
832ce4014ef337d1-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
85782
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138171
x-xss-protection
0
server
cafe
etag
7807444821274263820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 07 Dec 2024 11:36:17 GMT
cx.js
cdn.cxense.com/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 13:41:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37050
Expires
Sat, 09 Dec 2023 12:26:00 GMT
Topicbar-v2.txt
cdn.thestar.com.my/Components/TopicBar/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TopicBar/Topicbar-v2.txt?v=1702121160060
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e034a552e2ed526ad16bac6bec55338d85d72a11813ac526b0a4d5d679e58d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
zgztzyS6Bg9USDUGwOt2IKyHODXNLbRq
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-cf-pop
DUS51-P1
age
37
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 24 Nov 2023 08:17:04 GMT
server
AmazonS3
etag
W/"5f6b0b8a1e153cffeea87e56217afe3f"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=180
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
02PNweGgvMxYfBQsUjad2uVYl3P0ISpVI0Myu86tVPhc99nV2QYESw==
2112364.jpg
apicms.thestar.com.my/uploads/images/2023/06/06/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/06/06/2112364.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c542d4ab7544a03161ea92651b7b45b2ee4f1c22642e7a7d266550c155e48f84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
zXZorFacauGUfyeZvBJYuyQltCITayuc
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
91171
last-modified
Tue, 06 Jun 2023 07:13:24 GMT
server
AmazonS3
etag
"2337780dd3475005c7cdba8a89459b36"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
x-amz-cf-id
t5-eVtu3CaC55PcfxjH3n_GC3u6wct98tcwzGf7Nq9NZPz9vDUZ0EQ==
expires
Thu, 26 Dec 2030 16:00:00 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:09:19 GMT
x-content-type-options
nosniff
age
400601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 20:09:19 GMT
fontawesome-webfont.woff2
cdn.thestar.com.my/Themes/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ZzJSZtVVrlqTf6sRJI1XVNyPPupEdB22
date
Sat, 09 Dec 2023 11:13:01 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2169
x-cache
Hit from cloudfront
content-length
77160
last-modified
Thu, 01 Oct 2020 02:18:02 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=606000
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
b8kAsx0MvSR7uDEaVndl5Ob1_ZW5nyhh3pPZdqU0bnCYQhhqFgqNuw==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 19:47:30 GMT
2346431.png
apicms.thestar.com.my/uploads/images/2023/10/20/thumbs/small/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/10/20/thumbs/small/2346431.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a59d995aadab3fc7910a394622c3ea6f99bd0f8dcd3db076912bed68430ee27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
I1w31zbh9sGPi6ADjNt00mcFfjsid6YQ
date
Sat, 09 Dec 2023 11:26:00 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
103754
last-modified
Fri, 20 Oct 2023 11:52:50 GMT
server
AmazonS3
etag
"8c8ecf2884a785928f4028c7f330f1a8"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
XMANB7kXgSS1SaBe-KSOXRwA16lBy5B1GO2K4h682i5bk_nea66zeg==
2390315.jpeg
apicms.thestar.com.my/uploads/images/2023/11/16/thumbs/small/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/11/16/thumbs/small/2390315.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4593696ec37cc5a9a49fe37b889c46daea4fce218b141cb2af823ee7f8ba9846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
YzuIVb5EZm46UEv.1Xhp_5UcRYGWtWj0
date
Sat, 09 Dec 2023 11:26:00 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11058
last-modified
Wed, 15 Nov 2023 23:22:46 GMT
server
AmazonS3
etag
"899288a09688f984c8ba15a0860e31ec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
JM8CiqJaPPsx_WKVb8KWS4L079__LANI_h4ay4VwGJ7DtcCKPuetDg==
2363203.jpg
apicms.thestar.com.my/uploads/images/2023/10/30/thumbs/small/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/10/30/thumbs/small/2363203.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f644c16962f0ca43d6586dc214ecfeba47b2b79d1661ad9b22f4c05180a4c9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
x-amz-version-id
aaaWMZYytMJReq31.x0k9iPqahaOBO38
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 09:59:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"bd53f1040a498c77f9176c70c0adb38a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
12586
x-amz-cf-id
veiL1jTjJuIhmAkUU7nZQlmaPPQIJy4PXJUKBLSL66R2iwCNOnznig==
2408837.jpg
apicms.thestar.com.my/uploads/images/2023/11/27/thumbs/small/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/11/27/thumbs/small/2408837.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6c3fe4eb16ab36b205a7e57623ae8eea64a4ea3c1e26472134787be016d0988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
At2W5OSZB3SZChACoGdOZA6KS__efpVn
date
Sat, 09 Dec 2023 10:01:23 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
5078
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9806
last-modified
Sun, 26 Nov 2023 23:28:22 GMT
server
AmazonS3
etag
"16675aef34916986018d31784a99ba68"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
0B0AWV_ziVqKnPtT9dSxCDE_6w_kM-NA4DC3mT07H7d4nec9fwBEDg==
2431398.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431398.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab3dbdd8bb66946defe69c15231c6897a864e51346d9640fba4f797a89a8df49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:18:25 GMT
x-amz-version-id
kIWFYojFG66o2Tjitbcz4krKSj3ozwpf
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 11:12:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
456
etag
"443173006643c36824b48a9f81fd7895"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
7058
x-amz-cf-id
wbtmFNJWBsYXGcmA4YcMvhjj1Ve_2kyUa8aQzfpwgP4R-TEoK3Eefg==
2431395.JPG
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431395.JPG
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3d7d7b3d6a825ced1ab2ded132baae1f455a4bbebde9543a387dbb4a7c6396c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:09:51 GMT
x-amz-version-id
N7ISvJ_CPSPnpZ9zbGSyi3iww9HXcKOo
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 11:07:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
970
etag
"91c5e7a42692289bd09f5e50081808a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
15936
x-amz-cf-id
WAWLV5M9ZwVzSarQaSe5l4U5bcGYOUiY8Ek21hw-zlaD2voLvS3hYw==
2431381.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431381.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7617fb081b55e9ba85d27ea9fcd122b9d8c86c95d99bc03e945d75a4f0e11b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:54:18 GMT
x-amz-version-id
PD6ndE3ofX0dxXNkfXcNYoh8gDa0zBOz
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1903
etag
"ee4376a37d178373948acc5f5e296763"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
4887
x-amz-cf-id
4-u6hs5y7ZDQtiXoj7XnZ7hEEGiVEY3BDH9oStYzKqTnT89x1e7aPg==
2431368.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431368.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7ae72277f1c817c9a41284a9194a09b12662ef82632086e01dd94a0b75fea79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:37:49 GMT
x-amz-version-id
Eakxg2bDmQ.U.M2YsDv2xzboh9x0AOtN
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:35:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
2892
etag
"b3baa902baca1c457138debef09d3698"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
6771
x-amz-cf-id
iwyOc2FuOzSQwOhDb3AZrIMgSpvmSakk2EsVHsO2l2UNJJh7Lb79_w==
2431362.JPG
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431362.JPG
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de4e934f7208319c5dbb5440ebec255f8600b47822ba77eaae589b7ddbea61b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:33:14 GMT
x-amz-version-id
tEbtvCzyGcYhO6lAIVlepe1X7VaO3CT5
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:30:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3167
etag
"eb6e6c62eb4c73c9fac661581ed77cd8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
6863
x-amz-cf-id
5SD78oiliCEDpdoszZIJDHENLFU9rkKY3FOlcH5C4WmsfBwtM7l2Tg==
2431350.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431350.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46a69107e68b57d91be4da3e292551fa402d8d84562bc33d36bbd4dfe7b423f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:23:20 GMT
x-amz-version-id
wmS.jYKaBzORtqK1y0YhzK3Q.wOT3J2x
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:22:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3761
etag
"2620fda69abb48ef573347bf3d029a25"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
7134
x-amz-cf-id
2FOgP_ngQAjSsJFmfI6EigoI-746U0q-wCm5iTWUppVFVeecaGxH1w==
2431306.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431306.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c50901e75a6376f3c036099f4639a0702a32192ccb8da48c3a0dd6a8f52050b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:48:08 GMT
x-amz-version-id
tGZqVTh6gXGPHXmrrjcSD.lZLxL6Te3a
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:42:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
5873
etag
"b31610a6a2398801fc972e00cac4d659"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
11424
x-amz-cf-id
kTasKNXPeV1rpW20PlY4eaUkTx4P683MTkDw2jLz1_5cpws3p3u8vw==
2431276.jpeg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431276.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9aa20b07db5add4c0698a3434b2cca0ae81a65db16bc91dc3ee10969ddf160b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:13:39 GMT
x-amz-version-id
O8wOMe0b9tDMNkrKg6ccAqFyKtJoguuX
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:07:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
7942
etag
"4f4d95a70cfb7f21dc693a7728ca33d8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
7497
x-amz-cf-id
eXZ9NtUFlyGEmw0nZKE6UgglzmhQewdYd_p1_m22p2Dxol8LxepIRg==
2431267.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431267.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd2dc3763b9fbe9252269d89da54bd03b466ae027871e5c2a7a6731dfa8c54cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:08:23 GMT
x-amz-version-id
nVuulz4cjMYGsSMqcIK2e4VeHQLhU.W.
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:03:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
8258
etag
"749615f7bdf31381864f06a6a1bcdd78"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
13119
x-amz-cf-id
TZ7TPqdoW2YQ-ycDCJn77-Hgv-38wNazKLkzxiTul72I1ACof49c_w==
2431288.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431288.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12359b4cb466b938c55c7979fc0eda154d76e5a3db251f57149e7f94878f7bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:13:39 GMT
x-amz-version-id
5OjlHPHQ0eLMR7w7.Lxyp0eyXqbHAD7i
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:12:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
7942
etag
"afc4f3bc0054ba78a7c4b290cb9fb0aa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
6822
x-amz-cf-id
2m0C2ACuWrXPKY2k3GbIGSzKPcYtpi6Ncmek48yC7X7lMG9sEVogvg==
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:19:52 GMT
x-content-type-options
nosniff
age
39968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 00:19:52 GMT
2431095.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431095.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2706f6a65d3bc130d346ca0ee0b8b1d99bdd35f682b50459edfa7caac9b0b56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
5tYPNLrpbD.w5.NYy.ZuYCcolRrt7.5R
date
Sat, 09 Dec 2023 10:39:16 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2839
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4481
last-modified
Sat, 09 Dec 2023 07:35:38 GMT
server
AmazonS3
etag
"6a0528a31eac1c7feb7fadbdcbccd529"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
7u7ajx0zAEQK74ia4rs7bToxbsXn8b0H4QzpPbeXEqMnK5H8ni0D1A==
2431164.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431164.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d9b4ac7b1855bc47c1b3b1e722019842855c7650099d67c8e22b42bf9438dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:33:14 GMT
x-amz-version-id
lic5W034C.flpIBd.WeF1tjGq_1BhvqR
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 08:30:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10367
etag
"0928b7f20e3ace30a70db5e6b50ebd6a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
4653
x-amz-cf-id
NaGzRdvpFMTVTTec4s5zgEqxwPFmopUdxAhOLYIKGmlhNIW96Wr1hA==
play-icon.png
cdn.thestar.com.my/Themes/img/ 		526 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/play-icon.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4fc3dce86fba846311e8755f83c33672079be00a4cb0832577439cda7a157e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
K_4KdUsJx4mKtAZhGfQHnq0P21nmGHGS
date
Sat, 09 Dec 2023 10:26:50 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
3551
etag
"223aabc48435518883afda1ea8e9ea47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
526
x-amz-cf-id
uYBrBgQkH9rjiqYxgpvtNXU6iTGnFY986gpgfI6xq1gY-4M2sJyQeg==
2431083.JPG
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/small/2431083.JPG
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3578093060c5409d7b348955ddce60be997817f7bcdc3878e3b8bd90eb0ec8c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
riCDBUILsYGtVMUCDTIYkM3USi_OsOll
date
Sat, 09 Dec 2023 10:13:56 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4359
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5794
last-modified
Sat, 09 Dec 2023 07:09:05 GMT
server
AmazonS3
etag
"a3cf50ce7203e833309c19e1b583fcd4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
7oj7yeHckDRcVO2DvUCSIV-jvXkSECY50rJGxp1zuKyOxvgnU2uvuw==
last24hours.json
cdn.thestar.com.my/Components/TSOLHazeApi/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TSOLHazeApi/last24hours.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
184a13e455a99a788c6d1547a02129587ae863f16527166867491ea8df10e9e3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Kg0IlXrn2O9lCapMbHqXC3T_VLEqIU7m
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
last-modified
Sat, 09 Dec 2023 11:15:03 GMT
server
AmazonS3
etag
W/"b29183efdbb22291a96f09bf22b81415"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
x-amz-cf-id
BBKQUBkU2GCFyl6RNvQTXEz8EPlpsTT7As4yOfwUVpx8_JSbShr1FQ==
lastmcaqm24hours.json
cdn.thestar.com.my/Components/TSOLHazeApi/ 		882 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TSOLHazeApi/lastmcaqm24hours.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abcee800eebf2fc13b790c53a48b1efc0dfc74f740c528e05a91004ecf56819c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
3rBw5dZbT2GNVdLSzOTuWbpsh7Kz6PAC
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
882
last-modified
Sat, 09 Dec 2023 11:15:03 GMT
server
AmazonS3
etag
"a718fe1fac49f7d8c9adb2a8f597ed45"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
wk3Vprx6qCO7_BA4GzIqz_trgmrTFPyIvSa9rcUVdI6CELpjN0EQfw==
HazeSponsorLIVE.json
cdn.thestar.com.my/Components/TSOLHazeApi/ 		386 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TSOLHazeApi/HazeSponsorLIVE.json?1702121160102
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70c47e8d4b9ff920fb9b78fe5e5c2a0a0e363c678fccf80e6b40bde330ba8c19

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BRT7KB43cxDBoVC0NKnwPmPs6mQR1CbQ
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-meta-cb-modifiedtime
Fri, 13 Oct 2023 10:18:12 G10T
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
386
last-modified
Fri, 13 Oct 2023 02:18:14 GMT
server
AmazonS3
etag
"b694cdd74dd63bd58d14d2f7405457c6"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
zCi4qWOBT-zZbna6Shrnlb3ulno7OZ1p03kpmWAsXOwyVRhXQXcPfA==
2431095.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431095.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df9f998f7d4343b733871e4d4ae40b9fec79e8b7e56bdd87201c1fa8dd5612e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
5ekTnxgbQJjAs4SPxGLy0NQDoztKrLrL
date
Sat, 09 Dec 2023 10:39:32 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2789
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8096
last-modified
Sat, 09 Dec 2023 07:35:39 GMT
server
AmazonS3
etag
"ed3ce5f5799869509921b4b06ece0ae9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
841RyHeHaxxslx470HQy1nFOl1AK-QJieaMZiCB_oUeCzoTOh01-GQ==
2431267.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431267.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
975c6d207d24733521200f00e168914599d4cf2984aac9be008e0ee15246a44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:07:15 GMT
x-amz-version-id
DaGnMtL5uoHMCDdojsMGSBLXlBXzX33i
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
8326
etag
"64bb47e488a322608e8e205580dc7d3d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
31376
x-amz-cf-id
Dv47gjXQ6ANsbnHMd-plcjUXkMT-xiDEnXHi2RgkloOw7jmn0Z2WDw==
2431071.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431071.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6618196c1088f151f1c03846ee77bb7509bef6b367c3e76f2fefc6958b48705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
5TKAaW11peGc.SltIF.m7gVj5Z0tMZAv
date
Sat, 09 Dec 2023 09:50:08 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
5754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17546
last-modified
Sat, 09 Dec 2023 06:44:34 GMT
server
AmazonS3
etag
"46b1a66fe0d01463d9f2517389738b47"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
7katTcoujY8uHIu3jd15HtSW42-kd4mkcKoJnewQW-vtjz5-g0D9rQ==
2420934.jpg
apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/2420934.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1918ced52843a1d4fa5c3c08e8481356c0656e7b45dd56c6162016bcc636ed1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
88UIJkylo.Pox99smQf.KG4NGlnzhQ8y
date
Sat, 09 Dec 2023 10:17:53 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4088
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22462
last-modified
Mon, 04 Dec 2023 08:29:34 GMT
server
AmazonS3
etag
"f259c79642d2b569a53979d2e0539398"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
Qo44gbKRoZlDM6aMlXG0XlBGdF36N_4FivrwHq4-fvG6NBImwnGwgg==
2428689.png
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		195 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428689.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8e86f309d0791ee9dcc669ba6aadb4cb0bfa058f08cef374953f59fbf417544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DSnOUBUHqfb.uE43rh4l3I8UFpX49l4.
date
Sat, 09 Dec 2023 10:10:38 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
199852
last-modified
Fri, 08 Dec 2023 04:56:49 GMT
server
AmazonS3
etag
"99198883fe31bceff8e0a4136b7172d3"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
DVpXdvhfUqxWP8hL5W4GGLOVCmuTQyiMCWdy7wxBo2Z2S-aBFP3cJA==
2426485.jpg
apicms.thestar.com.my/uploads/images/2023/12/07/thumbs/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/07/thumbs/medium/2426485.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
390abebd52562ff0047c4ac169179646a2309a2e2f8e35248dd7c4093d193f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
.6cEcRee5oXaztz4H0QvLk2vyJ1a12Go
date
Sat, 09 Dec 2023 09:03:57 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8523
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23289
last-modified
Wed, 06 Dec 2023 23:57:31 GMT
server
AmazonS3
etag
"e70d55ea3d0f07ea884b1fe05684c053"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
ctdTA_ftdV17-CLagEYeLuAm2WJSDQXCmDWaduROaOLk4-0U6re-mw==
2430981.jpeg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2430981.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b42481fd1b1a77daf67c734ab572220417feb677c4321545143ae5d778bdc05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ju1Im3v6OlvS7xOqIyWSGX4Y0SdEvToP
date
Sat, 09 Dec 2023 09:01:24 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15015
last-modified
Sat, 09 Dec 2023 04:29:26 GMT
server
AmazonS3
etag
"ceb233d09594f97db557d114f241df7f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
AuIh_1yfypFWth3aslm-u_FB2ln_sT4I_3NlB33v9fpqB_6D99Iw9g==
2431119.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431119.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b18a225c02759c63a0a9379807d338057f93f046eade73da500b100d1d9fc095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
wRxKqZx_6V7TNmGcct1wUvB0FqoYoxvc
date
Sat, 09 Dec 2023 11:18:55 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11918
last-modified
Sat, 09 Dec 2023 08:13:07 GMT
server
AmazonS3
etag
"6119246c300a4a2039c5a6059b0c4f95"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
57lxTd0K0JVvOx-US8czwNjOmS_DDlGVcNGQYr52PmISKghULVGg1Q==
2431306.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431306.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
137223d76a578f02a067309c87951c1677743fe95382f3de068dfa3cc3210541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:45:36 GMT
x-amz-version-id
1L3AKuDHNcNQ7thM0hxN5_tKcdkYzZFq
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 09:42:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
6025
etag
"86da8926c374f21b54da50260c7d8f50"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
content-length
25600
x-amz-cf-id
QKDHUWHfYFhTFJ74_7Ei33HipKTutjCOVx2QgjxUzarS3BDOVl1vJw==
2430328.jpg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2430328.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c04e29187ead1e2c0bd794a031df7d7140d5d0225aeab6e6d561e64cbc426b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
SG64jMzvL1gfoOCaCz9bhDAaUf6O7nGt
date
Sat, 09 Dec 2023 10:51:57 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2097
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27507
last-modified
Fri, 08 Dec 2023 13:49:49 GMT
server
AmazonS3
etag
"8c5ff36513f7ba49aa35cc019f97b832"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
UQNHQVg1lyWwASSS_npd4jfbztBvZio6CpK3VI-D-7aM-Vq7wCaxCA==
2430833.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2430833.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b1298e8d09ad2de52e84220decfc0ef0d0c0d69fa11798755d4ea396160374c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
CK1.XpanAVg.f_qfLdoDZ9vKRDL30RRY
date
Sat, 09 Dec 2023 10:13:56 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14617
last-modified
Fri, 08 Dec 2023 22:04:29 GMT
server
AmazonS3
etag
"1a488044f5e6a0b7ad5381211afa0ed8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
KsJK_GhXIHX_xMy3cdxUt7n3n8FkujXLNEXLLhQlP2k1LFwEZQjdSg==
2431002.jpg
apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/09/thumbs/medium/2431002.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c77960bf019d8da763868f31859479d823c773f8f6358fa37742f0910484a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ZJsMSCAdUFN7nLuxU_qX42qQhWlIGkN1
date
Sat, 09 Dec 2023 10:47:52 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2289
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19742
last-modified
Sat, 09 Dec 2023 04:44:01 GMT
server
AmazonS3
etag
"327e093ac1037267c90dad00b34a314e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
10iLvsncnTrbEAGppM80Tp58aGScSsTb18iktIR-lIUwwwNX3owUMQ==
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Mon, 08 Jan 2024 11:26:00 GMT
date
Sat, 09 Dec 2023 11:26:00 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
Branded.txt
cdn.thestar.com.my/Components/Branded/ 		22 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Branded/Branded.txt?v=1702121160141
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbea0d9f17e3045a3b6fdd67b7fa53620fb041d4318c9ec80ae26b4efa91da0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:25:54 GMT
x-amz-version-id
dwFvRT89_aKGGdDT0HMTfqX9d8WOf074
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 09 Dec 2023 11:25:05 GMT
server
AmazonS3
etag
W/"b3e41801f57e900a99421538155c9e9a"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=180
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ijalBlpp31_pgtiphqSbmJiYUkTSVIK-ye4XLoNnTcsX14-09hkZ3Q==
subscription_footer.aspx
sites.thestar.com.my/tsolnewsletter/ Frame 86C7 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
ebcdc4363b366b7bf82cfac7e9b6679c9e8c0e4a7b5959755e0f2c448884e272

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
3062
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:00 GMT
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
config.min.js
cdn.thestar.com.my/GlobalBar/ 		15 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/GlobalBar/config.min.js?v=202309026
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20221101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2756b891d33e886ccc38a154b38b398dc1df2947df67be65d2c5d84bce847d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
HrUd23bAwJlCPPRYYA3r6vAap883R2PU
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:25 GMT
last-modified
Tue, 26 Sep 2023 01:19:07 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8747
x-amz-server-side-encryption
AES256
etag
W/"dd09b067b51eb813217f79259e5e0597"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xkdk2qhHdQKZLw4mBmQkh4Pls74cYp-KGxNgx4rh6xhvdPw0_l_OWQ==
bar.min.js
cdn.thestar.com.my/GlobalBar/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/GlobalBar/bar.min.js?v=20220224
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20221101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbd402427adad1345c6041097f643ad2641bcc49ca289bb6b1bd85ba683b1c8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
47xgJ.l4Ji.Dvy2Kn7HDp0XANK9yY_uP
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:36:01 GMT
last-modified
Thu, 24 Feb 2022 01:54:53 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7122
etag
W/"27483bb7f2dfb351ebb4d2a3f427024d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
NEeNE9d9Lw3dcGPrPQF-W6w0sh1MEG5KzUqsJyAvxwye9Tshu2up7A==
home-grey.svg
cdn.thestar.com.my/Themes/img/ 		1 KB
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/home-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
iKT.5yejZvc4POdV8Tabe7aj6JXaFYKH
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:04:17 GMT
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1800
etag
W/"2f089abb1a815b7573aee61676ce494a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
4t1iD1BOxFyuguvDJ-3YDI2LTfrBi4bBdcQ4Luj2OLfUH9HFwsxfOg==
for-you-grey.svg
cdn.thestar.com.my/Themes/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/for-you-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
w7MOlogLTHynNMKz5HAzX7B5N2iAIrp0
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:43 GMT
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
347
etag
W/"022db165b3c8a0fd90abf412efca1e65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
U6fcq8CvaguctmtqE-Mcd0qlShX7n7RIHcsBcgTbkSkx18da2Xx4Ng==
bookmark-grey.svg
cdn.thestar.com.my/Themes/img/ 		430 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/bookmark-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
pAG2hmmE51fnq5Xp99Cla7Tf29NT6Exq
date
Sat, 09 Dec 2023 10:32:39 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
3397
etag
"bce4e380fa2100c507926b4c875ef156"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
430
x-amz-cf-id
WdNJxmNBaHq6parzxi-PfDmASH49mN3An1qA-ImvshY-G-rE_bg73A==
podcast-icon-grey.svg
cdn.thestar.com.my/Themes/img/ 		1 KB
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/podcast-icon-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
lRDIEQegUr9xjkZKhFx9S7_qrf4WmSsn
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:21:43 GMT
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
566
etag
W/"cc05c46b7da9dbf62a65266a55f0476a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
NZrf8waKx2ymFF2XUHhlEXWshwT5FmlChM7FYi6BM91AWOOOyr0bdA==
search-grey.svg
cdn.thestar.com.my/Themes/img/ 		882 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/search-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
AuwJ7QRx8vivVMdQpCg5ZY2WKboXLadY
date
Sat, 09 Dec 2023 11:13:04 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1065
etag
"471e3523d499fc268cdd78c32c7b4cf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
882
x-amz-cf-id
monKMx7lalgjKWMA7Y4dl7agNxFs44H5H4JTjJQ7chGLYRIgeUBqRQ==
segment
api.cxense.com/profile/user/ 		62 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=ec30973424ff3948df3ac1b786e3d43d71aa5a89&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lpxyzoh4760pkq1v%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0001.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=601
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=629
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		542 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16186&site_id=116302&zone_id=693816&size_id=55&alt_size_ids=57&rf=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&kw=TanjungMalim%2CDrown%2CSabaroziMohdNor%2CPerak%2CPerakFireandRescueDepartment%2C&tg_i.domain=thestar.com.my&tg_i.page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tg_i.pbadslot=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_ATF%2FDesktop_TSOL_News_SP_ATF_Megalead&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=6820b2893c08c5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_ATF%2FDesktop_TSOL_News_SP_ATF_Megalead&slots=1&rand=0.8808512719196793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
78f1581609fd1174b0086ef6cd15e107451c0e86838772a815b7b347baf313f2

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
542
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
45c94097c497b0b0ff39e80e87f9dd25ea631a21343bc86a9c40ca53598341dd

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=582
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Dec 2023 11:26:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f730cf198d89f0d7ad5127d10c58b53f3b85baced67a00b6c84f9bc3aa1493bc

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=503
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		517 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16186&site_id=116302&zone_id=693816&size_id=2&rf=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&kw=TanjungMalim%2CDrown%2CSabaroziMohdNor%2CPerak%2CPerakFireandRescueDepartment%2C&tg_i.domain=thestar.com.my&tg_i.page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tg_i.pbadslot=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_BTF%2FDesktop_TSOL_News_SP_BTF_Lead&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=18a9f132ed3f474&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_BTF%2FDesktop_TSOL_News_SP_BTF_Lead&slots=1&rand=0.5466904204924248
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e2087a1e973a0fcd0087d730072da06ccf2c545fb5c4280b69350da3c4253d99

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
517
expires
Wed, 17 Sep 1975 21:32:10 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 11:26:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
25795
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
quoBhkaB2aVJE9WIHQONod_FIve2RPSqJHzByu8s-yEMgU3aYux2WQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 09 Dec 2023 06:24:16 GMT
Via
1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
18105
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
Qzy4fkb__LeMc_5zMGBsV3jUcLtP2MW4aLS9e8kiRalxyAPKIXDo8Q==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:27:07 GMT
content-encoding
gzip
age
233933
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:27:07 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
N1Q6XNMTB1RT927G
age
3226
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
832ce4040c962c1a-FRA
x-amz-id-2
H5yLzTS5rv+zfAJ5GHpITZE7EAwxhirbEOBmJ+YCokkf7tagMf3Cx7FYsKZxkb/38g29R0nBoyQ=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34804
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NylCh2h4Jc2epgTvIO1Xc%2Blizf2lRahXTdQZAg8HyAn%2B%2FdfJQWFjgTNtOcaVgY2lmrkkLJ3RY41jrSQYCS0r9cawtBlDGojKpNM5VaqP1PzT%2BwGfD%2Biqq%2FYzFs8%2FKlRKd8IRfMBwNVEGRv4hvqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
832ce40378b96957-FRA
get
mv.outbrain.com/Multivac/api/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&idx=0&rand=26307&widgetJSId=AR_1&va=true&et=true&format=html&px=180&py=2175&vpd=975&cw=820&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010547&sig=83144877&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ded987bd18e1d6b24d72a86457b9d30ab0af4ed0bd3720ab448da2bdd1811ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1702121160.345343,VS0,VE446
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21978-LGA, cache-fra-eddf8230139-FRA
x-traceid
03aeee0bdd3030e2875dca4ce33bf718
accept-ranges
bytes
content-length
14893
expires
Thu, 01 Jan 1970 00:00:00 GMT
sp1.html
cdn.cxense.com/ Frame E7DB 		456 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Sat, 09 Dec 2023 11:26:00 GMT
Expires
Tue, 19 Dec 2023 11:26:00 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
home-red.svg
cdn.thestar.com.my/Themes/img/ 		1 KB
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/home-red.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20221107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
KZWSU2EI3njfvx4j1TIh_Mn4THsKY6Uo
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 10:50:07 GMT
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
2981
etag
W/"3ec8ad3cbc1fc0de9ce3d5ac429dfb77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
Em8pEBiSWfdXzAQjW3v-ovxvZSNHsezWIph8DGo4h9cwgbkoIHc6gA==
2424353.jpg
apicms.thestar.com.my/uploads/images/2023/12/06/thumbs/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/06/thumbs/medium/2424353.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a2a4f86cf887da445816c0714592ee202d0e6734e91d016d75f81ef6841a51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GXgGkdr13dyE0j4em2XW7QdRKvw6Xsix
date
Sat, 09 Dec 2023 10:51:57 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2096
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23218
last-modified
Tue, 05 Dec 2023 23:39:19 GMT
server
AmazonS3
etag
"2872871f4055b9a0156382c1f18c3562"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
uBY7MtTf-0xN6pYAacdFs6e-90OeL3UXMrvcfCSnXYtCcJt7UG6ITA==
2428483.jpg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428483.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f33759d43473b42f60fbbd9996be3cbd9d0799f4483a557bbba78acec2776f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
frnYur52d5vWBjCnFcMsPzpCMN.Guyr0
date
Sat, 09 Dec 2023 09:54:43 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
5538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23535
last-modified
Fri, 08 Dec 2023 01:33:14 GMT
server
AmazonS3
etag
"254e60d104287a377f8893d9d7f8179a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
1wxL9yrkHjzRYZzlAg1uAsBwiImUGqmPxzhdI12pX8IBfXveXcFvpA==
2427281.png
apicms.thestar.com.my/uploads/images/2023/12/07/thumbs/medium/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/07/thumbs/medium/2427281.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8793f6901ffc7685131ca9785224c01c76993037717f9277ea8c8e0027d9f0cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ypNSKDDpY4AgakXqM_033GJaVgm1Qqu4
date
Sat, 09 Dec 2023 09:02:52 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
193219
last-modified
Thu, 07 Dec 2023 08:52:51 GMT
server
AmazonS3
etag
"8d306aaa17458f94f4114824cdd39eeb"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
i_Q51WNyW3FAhbTQMn97RaROVI3p2GYt8Sgo1cntNcHj4CNGMWDJbA==
2428458.jpg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428458.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0ef848994dccebae5e70d0f00a93707f3cec14ae5116baf48b653271e3376d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
N7Cbza81aU3NNCJO5gU9MtE93TNjPYIU
date
Sat, 09 Dec 2023 10:03:51 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
5022
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28710
last-modified
Fri, 08 Dec 2023 00:56:25 GMT
server
AmazonS3
etag
"f9fc5e9f0083830b4a18f25f2e17174c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
82Pfq2P4wpw3cXsxvREYu1BM6jShIKCkndwi_kRfocjMixk6s5P6hQ==
2428649.jpg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428649.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75d7f58a2623ddffb3e61d43684def895e48be7b39530028c7003b00a587669a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
yztRruNy53aNWmbXXONpXeMFU2lhLvob
date
Sat, 09 Dec 2023 10:12:18 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4434
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20306
last-modified
Fri, 08 Dec 2023 04:01:56 GMT
server
AmazonS3
etag
"dba44e2501b6b96898fe01d81a94fa91"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
t6pL8mSmVKPSq64nhAUDn-e29SRscNwIZQtETEJOB8d6CRwpH8_mQA==
2428544.jpg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428544.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19c2e4de8b00ce28b63ef23eab8660544e7c48767f42bbf1804a17f04c074388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
TmTTm7MaxMdHwcJO8c8AM_leJGy2vFsf
date
Sat, 09 Dec 2023 08:59:04 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8822
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29202
last-modified
Fri, 08 Dec 2023 02:45:52 GMT
server
AmazonS3
etag
"33e5016954325bfa4d2adfcbba18c4ec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
Y10dPXaKEHU17rLRkwhlUiZxcFbkdWiC56EoRkl_ns2qfszqX37R0Q==
2428387.jpeg
apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/08/thumbs/medium/2428387.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29e8cfd1bdf4a010f1f5c9212a0374c2fcd1bcdba402ae0c28755e65ddbbbaa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
P9LJrNcDPdOiq3Cfcr1IcZKuIFJ24hPM
date
Sat, 09 Dec 2023 08:46:55 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
9550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17074
last-modified
Thu, 07 Dec 2023 23:21:47 GMT
server
AmazonS3
etag
"edff242f9c73b6883a008710b6d1c732"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
qiq0YCljTpMOTrF9w6HzOGfDFlBbtoXtdo64YjAp5T6n07INtF8oQA==
2421300.jpg
apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/2421300.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb6889a1ee36ef55127a4220a45119bc70d3a9f9bfe4f39dc2d3c4b546f6fced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
R18HKUN_9H3TJ7sD7Rr.1HSPct6MvnHJ
date
Sat, 09 Dec 2023 10:51:57 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2096
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16479
last-modified
Mon, 04 Dec 2023 07:42:33 GMT
server
AmazonS3
etag
"599f46ea8668e76b24bcac1818880a7d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
Ah49aAQgLnGRs6yM8-hBQqxMsRyavCWKNWHJxGdWedUYFv9ODG-HxQ==
2420973.jpg
apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apicms.thestar.com.my/uploads/images/2023/12/04/thumbs/medium/2420973.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8c04b0f8aba9e4078696e0348bfb764a749e71cb2d972e5bb677fe5cc1454af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
6zodhV.7RT9pEF0ZiPxbO436eA3SWTQC
date
Sat, 09 Dec 2023 11:21:51 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
251
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23755
last-modified
Mon, 04 Dec 2023 05:14:37 GMT
server
AmazonS3
etag
"5063b50fa8c2699f11def724005bbb95"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 31536000
accept-ranges
bytes
x-amz-cf-id
FZM6Ntjq--MnPVds7cBTaIuC0RWJh-AaD9twy5UdvLEYyaZ0Fw9chA==
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2621687
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230074-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wONtZOngMfntTfW%2B6RKt1ngZDO8iTiPOTX1dCUvahbRoDqssEvsC%2Fxa%2FooE65yS35v5pCfSWOzzszXA7sSxqAhs30PLtfeNhO19aKVPBtd8j4l%2BcsPQ6ol2CsysQzTmNkMKYzWxVljZn6IaGmp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
832ce4043ff55bdd-FRA
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2431122
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJFtV7YsSF6u4sAm61cDopD%2FSCs5Ne9Z7gx2mhKct9MF4ig9CsajRi0N7AsUwbhEZktSJzGEDyG5Pcv7Bj5PNQ6MqveeP4CLdgGc81bnSEb6BNmn4PgzSH5msv5PVP%2FZw8a2X5KLT%2BGefZjzReA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
832ce4043ffb5bdd-FRA
cx.js
cdn.cxense.com/ Frame E7DB 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 13:41:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37050
Expires
Sat, 09 Dec 2023 12:26:00 GMT
gtm.js
www.googletagmanager.com/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed4f1490ca6c994e0613295e2844cd170c318c713c8aac7800e31cc935961f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86719
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 11:26:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-29.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:13:05 GMT
content-encoding
gzip
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
83576
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CbDedKfW_Pvt3ZcBghQlCnOAwPLU7fhfr2VFzGAaQNvGeEgy-RJVig==
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1202
etag
"4c9d5a55c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWQuzo4B4qIsPe%2BGQxmPaXmMG7sShUB2lrIMypUv%2BHeuMLM0x%2BqUbkHunuAmADBY83LSuzwXA6LOtQ%2FIJIJCApubkoemW5j3ONRnJaooI7Lk38S3Y9zlAKBq4eyUxTuzbuoCIBXBOMcYBf7JlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832ce4043aaa2c76-FRA
content-length
816
js-versioning
osjs.netcoresmartech.com/v1/ 		255 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Requested by
Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5b7b80776d33c1e116616b6500b433a85b7347e7a7cc83be55955226c9db6d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
last-modified
Fri, 08 Dec 2023 13:42:35 GMT
x-amzn-requestid
a330cfa1-b491-47d5-991a-36ab748afb4b
x-amzn-trace-id
Root=1-65731d6b-05fe840e4bf0220b5917cae2;Sampled=0;lineage=8d157353:0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=526713
content-disposition
inline; filename=smartech-sdk.js
server-timing
cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1702121160426_1600468695_2071430157_2208_812_38_78_146";dur=1
x-amz-apigw-id
PoGI0GRGhcwEO9A=
content-length
72967
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:34:04 GMT
x-content-type-options
nosniff
age
75116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 14:34:04 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:09:19 GMT
x-content-type-options
nosniff
age
400601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 20:09:19 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=434
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		884 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=415747133652828&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_STO&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&didk=806968585&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121160357&lmt=1702121160&adxs=288&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=1600x2965&msz=1x-1&fws=516&ohw=1600&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=239678309&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c105a539c7233dbbdcf7595ca0e4b8fc0bb16f886c28ad11dec1873b9914e99c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
460
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC76 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		553 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16186&site_id=116302&zone_id=642366&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&kw=TanjungMalim%2CDrown%2CSabaroziMohdNor%2CPerak%2CPerakFireandRescueDepartment%2C&tg_i.domain=thestar.com.my&tg_i.page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tg_i.pbadslot=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_ATF%2FResponsive_TSOL_News_SP_ATF_Rect&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=2235213b69365bb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_ATF%2FResponsive_TSOL_News_SP_ATF_Rect&slots=1&rand=0.006982622432007979
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
baccfcc115eb2fce7a1200e3b0295ac98655d6e3d6a204e0c32c4682f5ba318f

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
553
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=551
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
595f0e40435a963cda716215b98d59008c9c7f74cdbf116169fde0380762da3e

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
widget_iframe.979019d93e57e124a0ac3dd81bd32027.html
platform.twitter.com/widgets/ Frame 3AF0 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.thestar.com.my
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
71193
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:00 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Fri, 08 Dec 2023 15:37:03 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6727)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:45:41 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2018420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
YNzsJPl1LhnRkOQ3quHsz2hctg_oHmYvUniDYuxpAwRAf2l0zTw7Ng==
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:23:08 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
173
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
8CyRKVwHqt2mIPnhuFGpzO5n8VWhdB3sVOWb66ppCQbo69hFS7X_4w==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:18:43 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
889638
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
832
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"afe7fc60ed757db39a88d2950fce69c9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
PtUAYFXD4B78rwpbI88TKtUYe23zFt4Wk0BRJDnM8fZS2rosTAoC3Q==
telegram.svg
platform-cdn.sharethis.com/img/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:22:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
231
x-amz-server-side-encryption
AES256
etag
"e3f5e90fa57764cd951db1b1bc688edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
858
x-amz-cf-id
d2nFYMyK6bMXZOiNPRln4lOge465gIJkWe5HkKIXN9ttm7U-4cPMbw==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:16:05 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2005795
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
456
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"fa43b4ede18498b114fc7185993f6da7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
3NeOWbRvzIhH23BHhKwCNYJ2QgkU5qkE_SrLBN_CC2AAYZfhf4LNhA==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:06:15 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2143186
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
343
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"5977437466e857c7ddcadda6f6d88c2a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
XD2Qz0qJfq5k4dyxgGY7wcK3Rwa4aGH5M3kUoNl53dgqdySugZPwdg==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35AD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132129
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Mon, 11 Dec 2023 00:08:09 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
starmediagroup-d.openx.net/w/1.0/ Frame 8151 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://starmediagroup-d.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 09 Dec 2023 11:26:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
global-bar.min.css
cdn.thestar.com.my/GlobalBar/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/GlobalBar/css/global-bar.min.css
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/bar.min.js?v=20220224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
QR5FC7msyz3XbukdKO9JSVGPSk3gSipT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:10:23 GMT
last-modified
Tue, 15 Feb 2022 08:36:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
8218
x-amz-meta-cb-modifiedtime
Wed, 01 Jul 2020 07:40:54 GMT
etag
W/"2352a7924ab6600445060ce8da2f9e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
7SfSFu1QKm3vSebSUSDpIXtqkAD6BNsB9SXTLFefvFkJSZATBkuq0g==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		533 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16186&site_id=116302&zone_id=642368&size_id=15&rf=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&kw=TanjungMalim%2CDrown%2CSabaroziMohdNor%2CPerak%2CPerakFireandRescueDepartment%2C&tg_i.domain=thestar.com.my&tg_i.page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tg_i.pbadslot=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_BTF%2FResponsive_TSOL_News_SP_BTF_Rect&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=28496381197bd74&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_BTF%2FResponsive_TSOL_News_SP_BTF_Rect&slots=1&rand=0.6311113522536311
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f37932f9105534a82b2453b091fa3b4108e51b36ec10155f739bcd28dd3d560

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
533
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=521
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Dec 2023 11:26:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5aa400662daa8831c312bdcc8228952c2ff390a75b2f80a2a262febaf9633637

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=394
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Dec 2023 11:26:00 GMT
data
api.cxense.com/public/widget/ 		333 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22widgetId%22%3A%2254aaff126eb002491eaa07aecde1d51cee28be16%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22%22%7D%7D%2C%22prnd%22%3A%22lpxyzmondzwmcqtjz8mr%22%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0001.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8be46074a07e5af5816593d2871cb2962b479dda3c380270ec83da5cd218340b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Mon, 26 Jul 1997 05:00:00 GMT
getUserEngagementConfigs
www.thestar.com.my/ 		177 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com.my/getUserEngagementConfigs
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8ae2065b0d7c4d9a6bb8155e41e426173f687c215e00690c4aea5d03e88d74c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dev-smebizhub.starmediagroup.my
cache-control
no-cache, private
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id
1mvYYxKJiibJjWo8wv8TthMnnl5sQkN2GS8Jkn1rHywnFBSijGNA7Q==
HazeSponsorLIVE.json
cdn.thestar.com.my/Components/TSOLHazeApi/ 		386 B
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/TSOLHazeApi/HazeSponsorLIVE.json?1702121160831
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70c47e8d4b9ff920fb9b78fe5e5c2a0a0e363c678fccf80e6b40bde330ba8c19

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BRT7KB43cxDBoVC0NKnwPmPs6mQR1CbQ
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-meta-cb-modifiedtime
Fri, 13 Oct 2023 10:18:12 G10T
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
386
last-modified
Fri, 13 Oct 2023 02:18:14 GMT
server
AmazonS3
etag
"b694cdd74dd63bd58d14d2f7405457c6"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
qq29QFqjIZrO61_t4RgZ3FkBPTfZmaaLhuFy5wKwmWHmII7iM6p86Q==
jquery.jqplot.min.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2eb3b837a4e3ecb73de5a872cdc5cf0516b47aa991519e92acebe6c178b23316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
x-amz-version-id
cWifd0oQ7MIedMAfT87eVJq6aFVX7NfX
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
XPA9DDN84ECDGF2H
ETag
"ef129c8b8213aec2b24294b9dadf0a5f"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:32 GMT
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
952
x-amz-id-2
q2l1ozHRRA4EKsKGlYxRhZXhYVlfrdEaLatSSDZp9gEPJPf6/LN5Ag9kjT4vuyxm7dKIM8CxjQY=
marketsummary.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/ 		261 B
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/marketsummary.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
682dba44c5ce490546c57b50fd2946e1128db030c6500e12fe02f188d39f4ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-version-id
chpdOUEQZJ.MyaqfUhMXC5GIx3GBEoNS
Last-Modified
Wed, 09 Aug 2017 08:11:49 GMT
Server
AmazonS3
x-amz-request-id
XPABPDF191NGZNQT
ETag
"84d888e4f9d0ce8e130822125f07491e"
x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 06:29:41 GMT
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
261
x-amz-id-2
MyA82ttAGYAIFtDDZwAronGDCWSZLLAUcDfJCb6ixhpdVeV78vnIBwaoHA3uEUoYeTo2OwCO8qE=
top15active.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15active.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c97f0ca756712d1afb4c1c8c7b7028bf7a8b2e9da6edd3c2522da52497f299cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-version-id
poKj4IPH2VbjXY3BSiGZt7Pf54zK.GoM
Last-Modified
Fri, 08 Dec 2023 11:12:22 GMT
Server
AmazonS3
x-amz-request-id
XPABAVBB6EBXGT71
ETag
"c2f2235ad3f0ccde07fc46d015872380"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
3543
x-amz-id-2
+vBNEIU9CMVqVx2F8+Ps0hpeJ6+nfS24wegeiFTxZRZ/5Z9OB44pvk4/WfAR5MkIapmkKO/9O34=
top15gainers.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15gainers.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
65fd53bb4153b7a9cb0493d3ef4b83dfc325e153511d6909a20a6ffe0ac41bde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-version-id
Z6XLpx9G_Saa6RFLNkpldQ1V8u8HHRhm
Last-Modified
Fri, 08 Dec 2023 11:12:22 GMT
Server
AmazonS3
x-amz-request-id
XPADBX56HXWY1K0H
ETag
"3068255e55fdbea001d71946f4f4e06d"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
3558
x-amz-id-2
oKtTq6JBV82euKGsQuA/7JerQ9Sbjt3jzxm3EddGu3uxdsbPazJf0kva3GjulLgd9utcR4ZqlFk=
top15losers.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15losers.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6b2c0adfcb92a165063af32663ae95ab97f57b1df2f65f8243cb2efef974d74b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-version-id
Gjo.BpzC4Vo4Ie52rMHgFhWKwhU4YJCQ
Last-Modified
Fri, 08 Dec 2023 11:12:22 GMT
Server
AmazonS3
x-amz-request-id
XPA2A9Q95EG4KHJW
ETag
"10254e24cc764ebc863ccc4b40a81220"
x-amz-server-side-encryption
AES256
Content-Type
application/js
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
3568
x-amz-id-2
D7gdoI3mri5fjhuCBrZIz75k4LAQj8BCQ/b739bCGjLaDjJaZ6zSPgrzx6rLlJQlGp7Mh1snhxo=
ressecdata.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/ressecdata.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d998e83d193b8718681967d5165c3abf8e0f17a0c79373857b0128c740414bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
x-amz-version-id
h.vMYdWszAQQe_JyPCkE3IqIYSDmKQvp
Last-Modified
Wed, 09 Aug 2017 08:11:49 GMT
Server
AmazonS3
x-amz-request-id
XPA86D44BW0XZ0QF
ETag
"e4dbf47e731c34691e0aa212611bb6f4"
x-amz-meta-cb-modifiedtime
Tue, 28 Oct 2014 08:02:53 GMT
Content-Language
application/js
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
4626
x-amz-id-2
9rrtlsstpEF1n48A/TZO15uET062JlW9MUnngjkMgAepFF47TA6UIZo/xqGTVQJjbiyzXkeoHd4=
Flyin.json
cdn.thestar.com.my/Components/Flyin/ 		946 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Flyin/Flyin.json?1702121160846
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc251bd2f3d0fdb30e7c59feb95463f393679f497b584d4a624c17c34846d5bb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
4n8SS5XlGh7klZv1L_.dQnpQCziuZn.d
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-meta-cb-modifiedtime
Mon, 27 Nov 2023 17:25:51 G11T
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
946
last-modified
Mon, 27 Nov 2023 09:25:52 GMT
server
AmazonS3
etag
"ea968d7e28462770cb57c842d098d74d"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
vhcjAkMseGL4ODIzFp05B7F3RVC8C3UeYfnfNKH6N3fAQRReY2iUDg==
Icons.json
cdn.thestar.com.my/Components/Icons/ 		589 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Components/Icons/Icons.json?1702121160847
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
188ff1b5a8cae968c82e96089b88544f7211f04deff148ed6e2f6e4c84a770d2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
zTeZDSNqJP3iiSAwRojBnvTy4g5DNb6.
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-meta-cb-modifiedtime
Wed, 23 Nov 2022 12:45:53 G11T
x-cache
RefreshHit from cloudfront
content-length
589
last-modified
Wed, 23 Nov 2022 04:46:35 GMT
server
AmazonS3
etag
"ef02b29637f393101502fa1200e8e9c1"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
q567LREmgtFUANkL_X42QSlF-LD5VxdD1m238R8IThLXO3Jvfe-0Sw==
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=169
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
anchor
www.google.com/recaptcha/api2/ Frame 367A 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
248bb9dea8346c4869daaabeffd4fdb2ea4caeb96e2559e7e222e93cb0d8308c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_ImEkMnGAZlBrx4iapESlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_ImEkMnGAZlBrx4iapESlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		630 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=2084248315560360&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_Slider&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=2&didk=2436364497&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121160919&lmt=1702121160&adxs=180&adys=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=820x0&msz=820x0&fws=4&ohw=1600&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=1323336025&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa0d4adc7bde8a362de5feda9272bb6b2e9aa2c1f7067b7e4f9ce23454fa3601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=1312175546928143&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_AdRefresh&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&didk=1619000099&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121160940&lmt=1702121160&adxs=0&adys=172&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=1600x1&msz=1x-1&fws=4&ohw=1600&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=1690029205&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b844668eae3ecf38e5f9c9d017097201e736423812ad480abe6e5f3ef1fc8677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12493
x-xss-protection
0
google-lineitem-id
6099848631
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403066302
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 60B7 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 11:26:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp&cc=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1acaabe5be0185da9c2db5d9983799af7eb7a43bdb2229db6a96342375e0d18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-DOcl59QaQ4cv/FYQFHH4LNPC/qU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.thestar.com.my
location
/esp?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=530572484381869&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_News%2CResponsive_TSOL_News_SP_ATF%2CResponsive_TSOL_News_SP_ATF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=4&didk=317819087&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161005&lmt=1702121161&adxs=1070&adys=241&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=300x0&msz=300x0&fws=4&ohw=420&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=2166171109&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2df7b1d39013aaac880a63c43090f57e38890252a2f4522f404f048265272fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12710
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=1575530742962837&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_News%2CResponsive_TSOL_News_SP_BTF%2CResponsive_TSOL_News_SP_BTF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=5&didk=1854944664&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161023&lmt=1702121161&adxs=1035&adys=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=370x0&msz=370x0&fws=4&ohw=420&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=63327834&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1da178c0420e655510bffba588ed8612fc7f8cc9e3b072f364d27acd1b75f3c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13548
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=2587117024670655&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_Mid%2CDesktop_TSOL_News_SP_Mid_OSV&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C640x480&ifi=6&didk=806979627&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161028&lmt=1702121161&adxs=390&adys=1122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=610x0&msz=610x0&fws=4&ohw=820&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=2043071364&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b589af4850ab6c0c81671544aaf2b38d790904090f1c3d26a08f58cb5d8bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12499
x-xss-protection
0
google-lineitem-id
6101010127
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403034895
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
cdn.thestar.com.my/Themes/css/ Frame 86C7 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by
Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sites.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 09:59:25 GMT
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
6091
x-amz-meta-cb-modifiedtime
Thu, 12 Oct 2017 02:23:22 GMT
etag
W/"67d856a36edacea9564bd92310f7d792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
BIq1ozXWjSeIioE1igicp0s9yq3rIdCi_-wkmEqZ3UBnMOp2sFh1EA==
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=950183541890363&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_News%2CResponsive_TSOL_News_SP%2CResponsive_TSOL_News_SP_ATF%2CResponsive_TSOL_News_SP_ATF_MiniRect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=300x250%7C300x100&ifi=7&didk=3748088188&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161035&lmt=1702121161&adxs=1035&adys=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=370x0&msz=370x0&fws=4&ohw=420&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=3366644813&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6235ffbdfcfee97e18c6ff45373f34a6b552b55373c73d2ef06ddbf1c0f855f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13238
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 3AF0 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=2de3812d8e2a3e05447e46151b4d72d459d8979d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.thestar.com.my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
109
date
Sat, 09 Dec 2023 11:26:00 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sat, 09 Dec 2023 11:26:01 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
7602986a8e3c179e
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
444780347a151e42c3a6098c775d66c8a1380a3a4b750453fc3ed8bac68bfdd8
content-length
337
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=3822846827041619&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_BTF%2CDesktop_TSOL_News_SP_BTF_Lead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&ifi=8&didk=825743112&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161055&lmt=1702121161&adxs=226&adys=2046&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=63714341&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1155bdcf9804f2fa5b574ddfa09254f965a466aa44c36ca41d6f06eae112cb87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13257
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=3619600936674368&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_News%2CDesktop_TSOL_News_SP_ATF%2CDesktop_TSOL_News_SP_ATF_Megalead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x90%7C970x250&ifi=9&didk=132285340&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702121161062&lmt=1702121161&adxs=315&adys=167&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=false&dlt=1702121158670&idt=1413&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation&adks=2910908103&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27af09a899ca656ce17c939c4b9e3d6c5945a7a710929eb7547bdb96707fa4d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12977
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 35AD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1678595&p=161329&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:00 GMT
content-length
0
PoweredbySMG.png
cdn.thestar.com.my/Themes/img/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Themes/img/PoweredbySMG.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
6l0YaTFqv_DJQQmzH3NhhMYhDI3mFDHP
date
Sat, 09 Dec 2023 11:13:06 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
1575
x-amz-meta-cb-modifiedtime
Fri, 24 Jan 2020 03:30:24 GMT
x-cache
Hit from cloudfront
content-length
969
last-modified
Tue, 15 Feb 2022 08:37:20 GMT
server
AmazonS3
etag
"3c0f549d7db345b0b035ec2d7fa24807"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
guHiuSNZkje8mxZpD_m0hiPtuapoI6-Ad8uqOLyt8gLQ5urUQt0JYg==
styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 367A 		55 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:00:00 GMT
x-content-type-options
nosniff
age
12361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56398
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 08:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 367A 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 19:47:30 GMT
p1.js
p1cluster.cxense.com/ Frame E7DB 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
f01ae5ce5ad4830909f10e3d30aec16cfc868341a5d843390fb385ddb0ad05fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Fri, 09 Jun 2023 11:26:01 GMT
server
Jetty(9.4.28.v20200408)
etag
1coquzh56ve2z236tix0ktb7wd
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Mon, 09 Dec 2024 11:26:01 GMT
syncframe
gum.criteo.com/ Frame 276A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thestar.com.my
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
server
Kestrel
server-processing-duration-in-ticks
271710
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
806c88af81e15f8784ad926cf7586b0572370fc5d5a624c94cd381c3517ab860

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache
x-server
10.45.8.56
access-control-allow-credentials
true
content-length
60
expires
0
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035691&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702121161107&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&c8=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&c9=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-29.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
IgJjbaRMEP3YWIIM7XN9E_vYagiWD-CDil1N0hFIg6wnq-NP2TN7GQ==
x-cache
Miss from cloudfront
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Mon, 08 Jan 2024 11:26:01 GMT
date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=57b7f02e995ba7c83ed6d967e4754ad0_10247_1702121160412&tm=989&eT=0&widgetWidth=820&widgetHeight=57&widgetX=180&widgetY=2046&wRV=2010547&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=881&oo=true&lo=3097&obreq=2949&mvreq=3687&mvres=4568&cet=4g&to=1702121156550.2&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
654fd6e6456afe16e8d94aeef3c90010
Content-Length
6
clip.js
widgets.outbrain.com/nanoWidget/2010547/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010547/module/clip.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
12bb00e6b04d311f0b2ea2863a7e609d9e00a9086cda7aafaffb9476482ccefb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
content-length
710
last-modified
Tue, 05 Dec 2023 09:57:01 GMT
server
AkamaiNetStorage
etag
"57a1ce9b43f28e94c4b4d5e67ef78965:1701771817.159342"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Sat, 16 Dec 2023 11:26:01 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dfc25760800931e6907df05679aeb97e_10247_1702121160573&tm=996&eT=0&widgetWidth=814&widgetHeight=305&widgetX=183&widgetY=2078&wRV=2010547&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=3097&obreq=2949&mvreq=3687&mvres=4577&re=4579&cet=4g&cs=2&to=1702121156550.2&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
8746fabc304c1edfe24aec6fdb1e6d78
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=74d2fed4291050e01a41a79ca99c4875_10247_1702121160732&tm=1003&eT=0&widgetWidth=814&widgetHeight=263&widgetX=183&widgetY=2407&wRV=2010547&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=3097&obreq=2949&mvreq=3687&mvres=4577&re=4587&cet=4g&cs=2&to=1702121156550.2&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
bd6c61c8f00e5461d3d9780780e9f0e9
Content-Length
6
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Mon, 08 Jan 2024 11:26:01 GMT
date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1701762092.299136"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6IjU1YmJmMmJlMGE2MzBiMjg2MWQ5MjFlYTMxMGQwNTYyODk5N2VkZWE1YjYzNzAzYTg2YjZhOTAxNWJhMzlmZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1YmJmMmJlMGE2MzBiMjg2MWQ5MjFlYTMxMGQwNTYyODk5N2VkZWE1YjYzNzAzYTg2YjZhOTAxNWJhMzlmZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Wed, 15 Nov 2023 23:06:55 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=430900
access-control-allow-credentials
false
x-traceid
2839372498b34bbea337288491eec1f8
timing-allow-origin
*, *
content-length
67040
eyJpdSI6ImJiMjJkZmI1YmUwYmRkZGVlNGJmZDdlM2VkZWYyNjYxNjA3MjFkODJmZjlhMGU4NjRiMTVlOTczMjU5Y2I3OTEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjaCI6LTE3MjcyMTM1ODEsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJiMjJkZmI1YmUwYmRkZGVlNGJmZDdlM2VkZWYyNjYxNjA3MjFkODJmZjlhMGU4NjRiMTVlOTczMjU5Y2I3OTEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjaCI6LTE3MjcyMTM1ODEsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1413017f0d6d89166aae58601449b6cf4940f7a2e45737a6eb276e1dadbdcae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Fri, 01 Dec 2023 14:25:22 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1781938
access-control-allow-credentials
false
x-traceid
fcb955732c89c8ad1c035a27d38e02ee
timing-allow-origin
*, *
content-length
11556
eyJpdSI6IjU4YzQ3MWY4NDVhMzY3NmM0MjU0YWM1YTQwNGJlN2Y2YWU1M2YwNDZmMDRhNGQxOTE4MGFkOTkwMDU1NWE1YmEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU4YzQ3MWY4NDVhMzY3NmM0MjU0YWM1YTQwNGJlN2Y2YWU1M2YwNDZmMDRhNGQxOTE4MGFkOTkwMDU1NWE1YmEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e75ab6d71790a083dfd038f73d7870b35d04623d2cb7aa7ec662f5fde319a40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Thu, 26 Oct 2023 13:25:08 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=953385
access-control-allow-credentials
false
x-traceid
8df9cb59855c9272776a66f02436c992
timing-allow-origin
*, *
content-length
20900
eyJpdSI6IjkwZmQ2NmIyZmY5MmZlNzM1NzRmNTM3MGE4MWNlNzcwOTI1YjU0YWY0YzRkOWMxMmUxZmUxMzVhMjQ3NzE3ZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkwZmQ2NmIyZmY5MmZlNzM1NzRmNTM3MGE4MWNlNzcwOTI1YjU0YWY0YzRkOWMxMmUxZmUxMzVhMjQ3NzE3ZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42f7b814f7b7dcc8717a48eeffdd2233925f658e1376ef1273db1f9884c1284e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Wed, 22 Nov 2023 18:17:27 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1960036
access-control-allow-credentials
false
x-traceid
266ce078b07bef7dedfc7c1b80293880
timing-allow-origin
*, *
content-length
35288
eyJpdSI6IjU1NjVlNDI0NGMyNmVmMmFjNzIwOTI5YWJkMzRhNmZmZjIyNzc3ODUwNDMyOTg1Mjk5YjZmNjNhOTRjZGJmOGMiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjaCI6LTExMTYyNzc4ODgsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1NjVlNDI0NGMyNmVmMmFjNzIwOTI5YWJkMzRhNmZmZjIyNzc3ODUwNDMyOTg1Mjk5YjZmNjNhOTRjZGJmOGMiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjaCI6LTExMTYyNzc4ODgsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e424ed2758c2f79068cf7bc06202ce46309fe9f9b626604f4965306c77322a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Thu, 16 Nov 2023 13:11:03 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=560918
access-control-allow-credentials
false
x-traceid
20873d16f2d452d2adeb1142c1364e2e
timing-allow-origin
*, *
content-length
8482
eyJpdSI6ImU3Yjk3ZjYxNzE4OTQ4ZmRlMDdmMWRlM2RhODVmNjVhOTM1NWVlNWNhOTQxNTY5MTBlYTZjNzkzZmRiNDhkNDAiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU3Yjk3ZjYxNzE4OTQ4ZmRlMDdmMWRlM2RhODVmNjVhOTM1NWVlNWNhOTQxNTY5MTBlYTZjNzkzZmRiNDhkNDAiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
271be90abe9cb3ee54d010346bbbe0d80b903ebec3a6c8cd9cfd1404370d8377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Thu, 17 Aug 2023 11:17:50 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1488961
access-control-allow-credentials
false
x-traceid
86f27498e1bff3a3b7fab6c7d478c9a9
timing-allow-origin
*, *
content-length
6166
view
securepubads.g.doubleclick.net/pcs/ Frame D6C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0_aux0qRse5AA94CsoSB6fqgvUmlZirvLW_anQQrrSNdmhaspNLIJgHjy7_yxVQbVFX8LK2Z6rSy5esN39l2suQZgAQX5rJYC8EPay0AcrSqshKFQCg7bEY8WiPuGolBFHHk28oRIShoswppzxhViiTC_iNiO_j6jrhdzv-OrFPSe_ytjHTAPuOsQxdmYhktsnsVF5AzoXG_OkeIdOh0F_YOdETfLQuqTX6x-_KiE7DgSUVqdMl6jcfQKCM9H74yJmjqpIJczb2OU-k0LdI8WhEGmx5Y2yyZ67lNbjX-U2RCvQGjKw-dodXPlRtH1nCNeVNYCfd2JT1lrLwWMdpPo0gifrW8ECEZ0dUFAT7u9MPNr5q2QlcyTHul5ozEl1q941ok&sai=AMfl-YTgDA0z3wtSti2Rd_gAK-cOOdvaoYF6Dl4qPDHqoSl249odKzugmLywUKF1yMvvs-I4lhtLYtbW7GRxx1CfjCIkdeZtAI-XBz2grrx9Yj5vkLdG0ccxz7iGQ5x-5tdZpQ7qnlgtnogkyQ&sig=Cg0ArKJSzKaRWuyJp8zmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D6C2 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c037c232a72e0a842cd04e56623c0bfe1f9e6db99fd4746ff99b08191ab0b538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30392
x-xss-protection
0
server
cafe
etag
649 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D6C2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
js
www.googletagmanager.com/gtag/ 		292 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f06a5637e1d66bb7c43f4f1ced10bc634be5684ed00dedd15a6074a4ef499d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
uxwBzqxH5KQMjId3tRHS8a4ShhsyAmD8zfQcMTsqNyTt88QqJyQB/TG2FTYgcsEGYQEX6EljR6rJpgx/g3D7UQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
52a360d4000447a08efd7617080680a9.js.ubembed.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:944b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60eb5417393d93d3cd0afd72343d724951e770b5f8c24da32bb3d2fb0b4d2ddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5993
etag
W/"3d5e9bc6ac90efee4e88cc3d1c179593-v0.180.1"
vary
Accept-Encoding, Referer
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
cf-ray
832ce40a3d759bee-FRA
iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
j93557g.com/v2/0/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
39477fada301dc22fc1eeee8463f43f4385f54c0c87cebef6c7e0d90efc642cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 09 Dec 2023 11:26:01 GMT
x-datacenter
gce-europe-west1
etag
"27b84b97a78455eba0ebc507f1ce0f9d113a4e3b3ed063f5eafad390d923d177"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-cmwb
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obtp.js
amplify.outbrain.com/cp/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9af81eb9abc896884c3bab25d37d1c26548c23ea2541aa10a4871d4b88003941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
last-modified
Sun, 03 Dec 2023 11:43:27 GMT
server
AkamaiNetStorage
etag
"beb0933389ac2f143c9d95dc0b432a51:1701604628.910943"
vary
Accept-Encoding
content-type
application/x-javascript
x-rg
EU
cache-control
max-age=1200
x-cc
DE
accept-ranges
bytes
content-length
7738
expires
Sat, 09 Dec 2023 11:46:01 GMT
dtm.js
dtm-drcn.platform.hicloud.com/download/web/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtm-drcn.platform.hicloud.com/download/web/dtm.js?id=DTM-0a04ac057b0b120e817b0be7b3d42a84
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2407:c080:1400:32:bfa9:8b32:ac66:a3f Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
Software
elb /
Resource Hash
897450037ce1ef8bb14698899252781c6e1da003dfa1deea3484c395a9bb89be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Cache-Control
private,max-age=900, private,max-age=900
Content-Disposition
inline
Connection
keep-alive
Server
elb
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
partner
sync.search.spotxchange.com/ 		0
0
eyJpdSI6IjU1YmJmMmJlMGE2MzBiMjg2MWQ5MjFlYTMxMGQwNTYyODk5N2VkZWE1YjYzNzAzYTg2YjZhOTAxNWJhMzlmZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		65 KB
66 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1YmJmMmJlMGE2MzBiMjg2MWQ5MjFlYTMxMGQwNTYyODk5N2VkZWE1YjYzNzAzYTg2YjZhOTAxNWJhMzlmZmYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcdd3dd1ca889e151650edc9df307c1165f777f55ce8a21537691d45160a9762

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Wed, 15 Nov 2023 23:06:55 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-67039/67040
cache-control
max-age=430900
access-control-allow-credentials
false
x-traceid
2839372498b34bbea337288491eec1f8
timing-allow-origin
*, *
Content-Length
67040
usync.js
eus.rubiconproject.com/ Frame 60B7 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54089
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:27:30 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 09:41:46 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6255
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 11:41:46 GMT
segment
api.cxense.com/profile/user/ 		62 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCB2&persisted=94bfbd14c0ccdc7d377a4f4c47640ed80e32d6aa&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lpxyzoh4760pkq1v%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0001.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
9e9a0fee08f54a7955afc0f906fdbfca87e2d33860d26a713bf052bc185588f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
dispatch
twa.netcoresmartech.com/ 		7 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://twa.netcoresmartech.com/dispatch?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&customer_key=&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&browser=chrome&sid=1702121161209&visit=new&pts=0&sts=0&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tx=1702121161209&npv=0&title=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&usertimings=1702121161214&web_activity=1
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.1.255.177 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-65-1-255-177.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
awselb/2.0
content-length
7
content-type
text/plain
ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
cdnt.netcoresmartech.com/webactivity/ 		23 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnt.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17bd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
042f46e36ec4ac2584ebd5c3c6a224ff18cd421131d12f3ee809669fa8920f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
x-amz-request-id
V6H61J0WD0W71QWT
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1702121161424_389027517_240053082_663_1249_38_0_146";dur=1
content-length
1328
x-amz-id-2
LkCFV9MEXSOn18r/xe3uQpICNVyDk4Wm7bXkbKYdHvrIBYANSuBHGRkgTdr6NHtQSQsuispsrgM=
last-modified
Wed, 29 Nov 2023 03:09:26 GMT
server
AmazonS3
etag
"7f37a93e169dc13cf03b4cbd7be021f1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:26:01 GMT
/
js.boxx.ai/js_init/ 		261 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.boxx.ai/js_init/?smartech=true&client_id=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&host=www.thestar.com.my&asset=1ea761fa10f93f18df46ddc3b4f7b01a
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:f200:9:a948:8e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0cc774c9edcfacef32f5d7401c7e74d7e601de7e6a977a0a8d0b1667341cc62d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:21:52 GMT
content-encoding
gzip
via
1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
83049
x-cache
Hit from cloudfront
content-length
177
last-modified
Fri, 08 Dec 2023 12:21:52 GMT
server
nginx/1.18.0
x-frame-options
SAMEORIGIN
vary
Cookie,Accept-Encoding
content-language
en
content-type
application/javascript
cache-control
public, must-revalidate, max-age=172800
x-amz-cf-id
1KmHwYUBVEGG_66yGQkOOGdaOWdDx5YdJpbz81Mz1qzS81REUdwvgw==
expires
Sun, 10 Dec 2023 12:21:52 GMT
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js
cdnt.netcoresmartech.com/webp/ 		58 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnt.netcoresmartech.com/webp/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17bd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
last-modified
Thu, 25 Feb 2021 10:35:05 GMT
server
AmazonS3
x-amz-request-id
Z7ZN8N8VSVPR28S9
etag
"1d4003fd2edda3d62526374c76d3049d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=527575
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1702121161512_389027517_240053083_160_1401_38_88_146";dur=1
accept-ranges
bytes
content-length
58
x-amz-id-2
/YqiOlUZundAExe8sZiLtO0JfG3uJExbU2YK/zNOKgPNSwpFXv9psngSsRK0fkEf9Bza5bhNo2o=
expires
Fri, 15 Dec 2023 13:58:56 GMT
df
twa.netcoresmartech.com/ 		57 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.1.255.177 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-65-1-255-177.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
awselb/2.0
content-length
57
content-type
application/json
rep.gif
comcluster.cxense.com/Repo/ Frame E7DB 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.42&typ=pgv&rnd=lpxyzoh42s9bdcd3&sid=1145278932220698298&loc=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&new=1&arf=0&ltm=1702121160116&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lpxyzos7dji9oumh&ckp=lpxyzoh4760pkq1v&glb=&amo=1686035589&cp_userState=anon&cst=1coquzh56ve2z236tix0ktb7wd
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sat, 09 Dec 2023 11:26:01 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		101 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lpxyzoh4760pkq1v%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221coquzh56ve2z236tix0ktb7wd%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221coquzh56ve2z236tix0ktb7wd%22%7D%5D%2C%22siteId%22%3A%221145278932220698298%22%2C%22location%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim%22%7D&callback=cXJsonpCB3
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
1d94246439aea5d839246c83b19193eef08c7d16421592c0f1e7b43d52ba96d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07249223108812628&referrer=&cht=gtm&marketerId=002ad79d5e17fa1cd48be0f2c87f711f6d%2C0005b2eb8fd5275538d4368c821de5ef0b%2C00f0ac815937d85ebb6d1fc045fcdf89bd&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
a483fd4d275edcedc2eb924657f43b81
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002ad79d5e17fa1cd48be0f2c87f711f6d,0005b2eb8fd5275538d4368c821de5ef0b,00f0ac815937d85ebb6d1fc045fcdf89bd
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
X-TraceId
52104591633961d121c6eb4f2ae84f6c
Content-Length
39
Content-Type
application/javascript
002ad79d5e17fa1cd48be0f2c87f711f6d
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/002ad79d5e17fa1cd48be0f2c87f711f6d
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
ob-sent-time
1702089744626
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-rg
EU
cache-control
max-age=60
x-cc
DE
x-traceid
ba4a2b72c96facc9b5b66c595724e26e
content-length
22
expires
Sat, 09 Dec 2023 11:27:01 GMT
0005b2eb8fd5275538d4368c821de5ef0b
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/0005b2eb8fd5275538d4368c821de5ef0b
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
ob-sent-time
1702109297941
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-rg
EU
cache-control
max-age=60
x-cc
DE
x-traceid
8d368baebb2ebf27e99958d29917a8d4
content-length
22
expires
Sat, 09 Dec 2023 11:27:01 GMT
00f0ac815937d85ebb6d1fc045fcdf89bd
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00f0ac815937d85ebb6d1fc045fcdf89bd
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
ob-sent-time
1702099034848
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-rg
EU
cache-control
max-age=60
x-cc
DE
x-traceid
67054319f24ac45f5d10b03a9dffd15b
content-length
22
expires
Sat, 09 Dec 2023 11:27:01 GMT
sid
mug.criteo.com/ Frame 276A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=thestar.com.my&sn=ChromeSyncframe&so=0&topUrl=www.thestar.com.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=pUP-Gnx4dGpIc0Mxd2NZVElwMVMyQ0lCN3pmREc5cWdZd0ZDdktFWjY5MnZ3dUVORGlpelBMV0FKOUZSN2tHQWpVNUxCY0Q1ejRPSkJYVnNpNklmUmk0V1kwdkIvVHRYS1FmRVVjM1dSQlpxSlg2NGNqaVozRTljNmtPa0...
436 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pUP-Gnx4dGpIc0Mxd2NZVElwMVMyQ0lCN3pmREc5cWdZd0ZDdktFWjY5MnZ3dUVORGlpelBMV0FKOUZSN2tHQWpVNUxCY0Q1ejRPSkJYVnNpNklmUmk0V1kwdkIvVHRYS1FmRVVjM1dSQlpxSlg2NGNqaVozRTljNmtPa0l4ZS9Iam9ZT1ZFdUVUSGY5Z2Q1c1lDeVdyWTZUb3FkaUQyY3VFWkZkTWZ4bldLZzY2L2JaaTB2WWI5cEI4TE1VSWhSc0NCQm1JdjhSV3BYRW5VQUdudkhDYzRKdnV1cnpFSTdhZEFVVTFDVCttN0xzSlFVc1Jsb0hWVGNoenVZbmhscmJsZ2xmaXhkSFdhMk52WUc4dVFiTG1PR25vSTlpdDFRZDhlK3VFR29hR00yTFVjWT18&cppv=2
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e7ef89237ba26d4af60b5031a1fec987881aa9083556676c6f0be8b293df2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1049521
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=pUP-Gnx4dGpIc0Mxd2NZVElwMVMyQ0lCN3pmREc5cWdZd0ZDdktFWjY5MnZ3dUVORGlpelBMV0FKOUZSN2tHQWpVNUxCY0Q1ejRPSkJYVnNpNklmUmk0V1kwdkIvVHRYS1FmRVVjM1dSQlpxSlg2NGNqaVozRTljNmtPa0l4ZS9Iam9ZT1ZFdUVUSGY5Z2Q1c1lDeVdyWTZUb3FkaUQyY3VFWkZkTWZ4bldLZzY2L2JaaTB2WWI5cEI4TE1VSWhSc0NCQm1JdjhSV3BYRW5VQUdudkhDYzRKdnV1cnpFSTdhZEFVVTFDVCttN0xzSlFVc1Jsb0hWVGNoenVZbmhscmJsZ2xmaXhkSFdhMk52WUc4dVFiTG1PR25vSTlpdDFRZDhlK3VFR29hR00yTFVjWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
297617
content-length
0
expires
0
khaos.json
token.rubiconproject.com/ Frame 60B7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=45je3bt0v871905719z872492222&_p=1702121160337&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=314418580.1702121160&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1702121161&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&dt=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&en=page_view&_fv=1&_ss=2&_c=1&ep.page_type=Article&ep.content_type=Article&ep.content_id=1096981&ep.content_title=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim&ep.content_category=News%2FNation&ep.content_author=NA&ep.content_sp=NA&ep.content_tier=Complimentary&ep.content_tags=Tanjung%20Malim%2CDrown%2CSabarozi%20Mohd%20Nor%2CPerak%2CPerak%20Fire%20and%20Rescue%20Department%2C&ep.content_language=English&ep.content_date=2023-06-06&ep.content_agency=NA&ep.content_byline=ILI%20AQILAH&ep.content_length=Short&ep.content_category_alt=&ep.content_exclusive=false&ep.content_classification_main=NA&ep.content_classification_main_alt=NA&ep.content_classification=NA&ep.content_classification_alt=NA&ep.content_sentiment=NA&ep.content_sentiment_magnitude=NA&ep.content_keyword_suggestion=NA&ep.ad_block=false&ep.article_views=1&ep.page_platform=WEB&tfd=4752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HWDM68GV8&cid=314418580.1702121160&gtm=45je3bt0v871905719z872492222&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HWDM68GV8&cid=314418580.1702121160&gtm=45je3bt0v871905719z872492222&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1776461073
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame D6C2 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
53783
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:38 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2207123949525156
connect.facebook.net/signals/config/ 		141 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2207123949525156?v=2.9.138&r=stable&domain=www.thestar.com.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
59cbd2fd934701c9504cd5c9a18506773815e08f298e2e78de01ec64c05cb4ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37151
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
QWkVtNZLjcwObHgefDaHAjevxmRC1HWdxqTa+ZV2+gbTLErCKpp//QqW1G8AWTjuSC6zknrN3GH03f5b18ClgA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cxense_data.json
cdn.thestar.com.my/Content/Data/ 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Data/cxense_data.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fb2deaab00ac14984e92854f63bc21df6a8c092cde85a090949500a90fba61b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
_h25rX6dW08GukxdiveDTMHOgJWRrdAG
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 11:26:02 GMT
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Sat, 09 Dec 2023 10:54:34 GMT
server
AmazonS3
etag
W/"133cba4c3094888aaff8f9f3d6a18d62"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=180
vary
Accept-Encoding,Origin
x-amz-cf-id
WkFqFWoInZfppfW7ScSUZjz25fkZ52vCPnFonuV4CvHYGpK1cHXS2g==
Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
www.google.com/js/bg/ Frame 367A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
27562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6850
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 03:46:39 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 367A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:04:45 GMT
x-content-type-options
nosniff
age
69676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 15 Dec 2023 16:04:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 367A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
129545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 367A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
224674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 21:01:27 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webworker.js
www.google.com/recaptcha/api2/ Frame 367A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c2usulbkc4i0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 11:26:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8365 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 34CC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByDa9IOcxMKdg4x-V1Gg6V2ug5nFVpQhB1sJAYE2p5b0cCkCGLsbSxs7Qi12rv5aM4oWI7UAex24Nxc9Sl8vTcYjp0gQ2ZLFPj3bQ-y4ZcO4LrPzQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 34CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 34CC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame 34CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6VbFJZr1_IhVbpm5ILmNZR0pWVVtb5rzvipFTXF4zKVsbJFWbB8xJxWxt1eM1oVnKclq11qND_MwGl_HMBwcLnwX78Q
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 34CC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B1F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bundle.js
assets.ubembed.com/universalscript/releases/v0.180.1/ 		176 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by
Host: 52a360d4000447a08efd7617080680a9.js.ubembed.com
URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-65.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:08:38 GMT
content-encoding
gzip
via
1.1 c325bcaec82bfa9f1a033070b385ab14.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 18:18:30 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
6970643
etag
W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
_7o269vDUVtS8aVcUK1AH1QG04FjBBXkAXAskze6z8pnaA7GhCY4EA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=pqxovk&adnum=492471
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
7407639
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
OMcYxB7UusOiigf011NIy-xWQ0H22Tt-SEeZb6hENmQojrfO-zQq8A==
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=760402913&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ul=en-us&de=UTF-8&dt=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=45175566&gjid=1072512423&cid=314418580.1702121160&tid=UA-828580-1&_gid=1627082617.1702121161&_r=1&_slc=1&gtm=45He3bt0n71PVM4THv72492222&cg1=Article&cg2=News%2FNation&cg3=NA&cd6=WEB&cd7=Article&cd11=Article&cd12=1096981&cd13=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim&cd14=News%2FNation&cd15=NA&cd16=NA&cd17=Complimentary&cd18=Tanjung%20Malim%2CDrown%2CSabarozi%20Mohd%20Nor%2CPerak%2CPerak%20Fire%20and%20Rescue%20Department%2C&cd19=English&cd20=2023-06-06&cd21=NA&cd22=ILI%20AQILAH&cd23=Short&cd44=&cd45=false&cd50=0&cd54=NA&cd55=NA&cd56=NA&cd57=NA&cd58=NA&cd59=NA&cd60=NA&cm1=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=314418580.1702121160&z=2135057160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0814 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F4D5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDM-WdOvnznp77KKqWFBBiSk2v5tLch5-aY01snI57VYcfvKIEIOyyNAOU1lhySfHFT1pvWEb1AXxmmiAQHsZDWCPgwTI81YKdlKA4Whg8eKijb-k
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F4D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F4D5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame F4D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIUJCilpX4nDr2QpmnqBQJ4XCCySpbScYUJ2y3nJkuLOciRfZdZkPaYFPnbBRi688MwbvoL9LCpXe8pwK0Khppi5qrUg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F4D5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame B599 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 09 Dec 2023 11:26:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
1133176620062218
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1133176620062218?v=2.9.138&r=stable&domain=www.thestar.com.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c04eb02f7a219e6b6c83b3aa70677db68a7a17468ed84d79c359880de5521c26
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35569
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8wmgmI29nZcnASMLBcVu/YK5qbdUdFIK6Md5M8f81eOZGvn2/ZD/3WOnnFM5bCg4goy4BwdTG0n8Gd2H48s5AQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2207123949525156&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rl=&if=false&ts=1702121161488&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1702121161486.763849586&cs_est=true&ler=empty&it=1702121161338&coo=false&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D6C2 		527 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=959291384267449&correlator=4191736567348480&eid=31077976%2C31080076&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=21927187246%2C358804_thestar_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D124c9f5350a69a86%3AT%3D1702121161%3ART%3D1702121161%3AS%3DALNI_MbFuWQi2PMogJQLoTEPnjjY2X9IEQ&gpic=UID%3D00000d10e0500d1a%3AT%3D1702121161%3ART%3D1702121161%3AS%3DALNI_MYxmu1Q4Bj7r3w7eF6hM-pp1SDp0Q&abxe=1&dt=1702121161510&lmt=1702121161&adxs=0&adys=456&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=0&ucis=ynykjo52162y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ref=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&top=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=314418580.1702121160&ga_sid=1702121162&ga_hid=1405694229&ga_fc=true&dlt=1702121161166&idt=327&adks=2034016349&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b5dd65324ee996ea3ffc3fd98721f3d64b05460ba1f24cb4749b7d36f932ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43030
x-xss-protection
0
google-lineitem-id
5848899787
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373737852
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bab501f6df12691399357203768b8482.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9047 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bab501f6df12691399357203768b8482.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
expires
Sun, 08 Dec 2024 11:26:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B284 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQwyIaiq9_9YbdG-O2--FeLaflfy5GiFqhbleWPEA6Vs0deRzoL2FBUNFaWeqIse3eBfId2Rehex56zndaufCt0QNh6l2QP0cn04kiQm_oWZuXNYX3PIpxWMfs30QZZXDvtFMz8lc9ffkMdqAKb1NBF1TpGPX8dWe0c1WjPAkvXJh94DGge4wKVoSEgOqqrIJTRd7tvOjtBaxWi_eEjwfNW3C-FqdkGNFWIXvVMhyB0m755O-5POLA4_tRWJVsn_vkhNIJHhNwDxXekquDi6RTfsA76b4armb5Q4gKiQC6FH7kMvFe03kuK83qdUpT5Ls6K2jGVu5bts_t10_MzDzfgym6FTn9S3qWVBLO4kAAm1jcAfAfWlLP-me1RSIZwQzY30rA1QJUZu1hCzWdjC2WGTpaatjfXmVURB1OIxxQIBAbdtvPIVz5B34Skk57VLzEG-0soiOOhBEekVgZUeK866iGNg&sai=AMfl-YRqBely9gOCMLDZ5SioKkYKYXrB5kOiQsE5bnI9--Acn5cC6br5zA7iMANYiZjIEcxz6wBeAjFaMJgGr-ifUb5DvGdfkyIUk2xcBdmLaE-JXYayZ-0vQl2sDjADY-5SfCUlnmGqwwSqjw&sig=Cg0ArKJSzKK_d0F9NG8aEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/66207/ Frame B284 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/66207/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbe895947fab0f1d3e4160125ab09ee58270645a54ffe651810e7517442b36e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
994
expires
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B284 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4F44 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F8E6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8E6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcafS0l5DPpkL5pE5hRGXbiMdjSgClFSfL823-2J7_YstIpuriEunq2crwUcNvjgHUpw1iXq2gDcjOMvJyCqQChh4yQx29RLxDBy2WE3dhCr26878
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F8E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F8E6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame F8E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAHmAPVFL0v3om99g3p9YxEnEW_e5Np7wnGNjg_EHP27dUD89t-UaVau-IybRTWYlnNxv3EKkXt6PtGqvjGHgPhfw1xA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F8E6 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-828580-1&cid=314418580.1702121160&jid=45175566&gjid=1072512423&_gid=1627082617.1702121161&_u=YADAAEAAAAAAACAEK~&z=961568008
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FD52 		466 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU5zHQW8HfqLd799V1But5fZi5ZTzDhTIo4U6CShiF2hdl48ONc_IsP5nguJQ6t2bEBQ8FSWp-ZvD8foGYDvjYh0q1S0EfOKGltTheN3cdLoY-OX9gUQxHcbtthBLNR9wjfaU2WafwmZX1SKL-TUYOF_mRpeSMrrywrSkYeWxpITIDWtgA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B1F5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZECPLofWkku4c0j4x0MJvFHsVfYKQJ_cDiEInAM55vsw03KocvxJWRNNPcReIkSHNQa3QdrWg4rnqGBKfwp_eqxV8q3tWsGcB01EPNrsJdNNK2e0
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame B1F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame B1F5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame B1F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUrP7tuvQM66aaGOoDDNXAwfVEYH29Ui2ySb2SaOK2WBltaV4IOBaIDzn1gTxIZFtd1AgM6b1GJbJqPBdxyc7B16skNg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B1F5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
2102948126432240
connect.facebook.net/signals/config/ 		140 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2102948126432240?v=2.9.138&r=stable&domain=www.thestar.com.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d795b44603ae31eb52eaa58166b817c507c44f8f4490de5d31efe682fc3a7d0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37010
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
0VwWVR5OvEpFC0cHaEtkz5gk2wtxGDzZqmu1b56+nuwnOCmd4SYi0REGtfqmWzFO8IjihXHAUHZD3oLl8rGF8g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1133176620062218&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rl=&if=false&ts=1702121161567&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1702121161486.763849586&ler=empty&it=1702121161338&coo=false&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
E06C803B-6A7B-4EE5-91A5-4280E6EBCBC2.jpg
cdn.thestar.com.my/Components/Flyin/Thumbnails/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thestar.com.my/Components/Flyin/Thumbnails/E06C803B-6A7B-4EE5-91A5-4280E6EBCBC2.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b835bfa34f98220c71632b94ceace40a3d314f0b4c63a24ed3158ab80ff198f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Zh_5RWLq68nZY0ZVQL8psi0d88Y4rRrV
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Nov 2023 06:58:31 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
51
x-amz-server-side-encryption
AES256
etag
"179c595c9730c4462a3461e0e0a2af5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
.jpg
accept-ranges
bytes
content-length
154923
x-amz-cf-id
If0OxIK89SrCKRTGvssLrkfWMtk0nEoksM-hORDAousDqeFQqww8rg==
user_exists
psegment.netcoresmartech.com/ 		128 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
user_exists
psegment.netcoresmartech.com/ 		128 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=c3a9ce6b-cd4a-46b4-923d-2512a3686b1b&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.132.159 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-132-159.ap-south-1.compute.amazonaws.com
Software
GO-cro-v2-service SERVER /
Resource Hash
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:01 GMT
server
GO-cro-v2-service SERVER
content-length
128
content-type
application/json
rum
dsum-sec.casalemedia.com/ Frame 8365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwcLiR8RSODicztC52GXQnsxplnJCaJkhfJ8FcRrbZ6bdpQWigoD%2FIpMLxBUgatHCmassvQYxhxdWDztOqKDsTO3j4KySoEpVVNJ7ODzklIlbpVWpUqyE9rWyKbnMgf257XrrM0YYhIGJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832ce40dbd4e2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSQ7rIarkFlFk2UCCqX5lXBjNyV1aPQfud5xdNIpw50OXL48seU0JqlyrHYvkhVYlyvyuEjD9BvtxyLjzySRtVk9khZAqG9pAXPPMAVKZYbTdSAcVsdA5slKAYMPTtrtOPcucM%2Bym2YqOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
cache-control
no-cache
cf-ray
832ce40cf981450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8365
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXROyXdl3vjqrvAY2oxWUgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42UhPZkQCYmPRrJVAT%2FAvqRzc4CpWvhTuMymTHcKyjdNiEglS3psKvOnV2qoQLUdGviEpI2G6R7dVR30Au60lokz1UoEGrv7M%2FbLPQNZYZ%2FQsE66JXB1pha1lwwizKZYSQbluxQVx3LVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832ce40e1e2b2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
an-x-request-uuid
669aea22-4ae4-47f4-bd48-a3a5b404cc36
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8365
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWGQsUQ1JU9EpOGzfrMs5CZBY2aArbzddGKhK34pAKtUUIjQNWSnQA9Z2h0Xs2yYdUjgAExSa18MPHOM67hgtAHd2sMDQ7DUmTEjEpcR9KRczDdAHN4-8lZVx7HeRdZ-Mz75A9XfiI1w7dP_b7liMmDYN5PDwavNtDljhI7pjfPMbSDb1k
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
an-x-request-uuid
0bc281b9-48fb-47c3-a51e-eb532625ba89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0814
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9O53eC64%2FpRyKzFz6mPF7wuB6jfzOFQZvcfS%2Bv0SVCLUkYzRfk6aUGbIwpdndAWRsT1KvGsNLyYDdsEmW9J6CmpmHK%2FcHBb%2FTHQJSYXFWbF5ZR31E1vZdgAjRLsftBBAb27M5Ll1R7yxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832ce40d8ce82675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hU3jJE%2Fpl7QC06OmGTVgsOm5cosYHTFqgsfTtEoEPQA1M5vSdXsrKBt8cyBb%2F4%2FGDSjYMr3K4DucW4GDuXLqHVJPnVIYC1s1iBd5j3zDWK3zfLD9EUk05VBf9yBfIXNhyLRKtp3013rtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1&C=1
cache-control
no-cache
cf-ray
832ce40cf987450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0814
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXROybwUcyCND-xYJeZtiAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXTr7URn1E2Z4yo8UPnhAOnt8Dk7m1EVf%2BxTkW75ME9tZsynfmh%2BJ7ykoVojGvvNuhdGrYHad%2B%2B8cNNtZ33nRSx0AS8M0drFr%2FRegcCYcFmXvkTNqkaV8DU6kQjzfchkcfdw%2FFqF2tIvgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832ce40e2e4b2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITXsT7Zhi2MVGXnJLw3ZbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0814
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
an-x-request-uuid
8712204d-1d62-47a4-baad-02b04b75fae1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBqEYGJbz3pehQdxVTQ1o3U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0814
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXm39VhpnC4v4ZpK-RQHv84dDmu1Z0Dwh7qOmrJhfwiUTRYVls9dlMyJ_in_rtCnezVqzPlJaXylmnLv-tdBPz7bUwYJ5SPo7_jzABuc9iY9LbNgSlxtbeUuIk8ovkRhxzHLEEQsPUys0Q-C1_i1SEbhbIHOBW8EiMEDM62URSfVl9bF_I
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
an-x-request-uuid
3e5fdbbe-1e58-4184-ae06-c8dade8127c4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 4F44 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 4F44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 11:26:01 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4F44 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNV0ep0z4e3g2rza0F2nbu2JabHC9xagGwdnj0sj_Vut31R1mM8_31biLVZJaQnHaUeUWrS_BOUWt_Yp2ljg_Jwcur2Kv2hWNtTN6I28xx540hB8yRv8f9D3PtcQh7uG4fKRDg_HNIXg_VWfSqwpLU39_Rrk43O24OZ5LGRMGg0uNHEGts4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 11:26:01 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2102948126432240&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&rl=&if=false&ts=1702121161634&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702121161486.763849586&cs_est=true&ler=empty&it=1702121161338&coo=false&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Dec 2023 11:26:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame D0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssItmj3I6HEaUSJjIlnNWo83UaC5JpokY5Hsyo5UcO95ET7kxCicpLTnYAyRHh3fSoz_Z58CyMKHKHp0lOo1s79wcg5d593uBh_kVzIUapeFhPdnHUDStburdt15C8RXBatQFD0PJmR59Gs3BWb4FkSSh4gOUPp31GQsfgwnJXXj6WZuoYOYg0c6yusU-JsZqE9ulHRIfUIB8TZbr2LWmMZkMYd0tvbRz895pKgMoU63vMz-id1a6TFoTwM9siyRYUzZfh7lXwHc-ziAt1MfWv-VPI7mMPJHGBR_yF9l1eCwpqUkW_hWaicYmVOXCXXk_5R7yrvDcFlJ66NmmGq3XjODCKo&sai=AMfl-YS_V5tsUN1JZgSSyyAxnAmkZYASlDyYUany6mUh7QohGr4icPnmW1UmlsK_FfUsHWVYidq_sDzYmEu51958TuFjBQEIi4hUqP1cNl0q02btssvbcTfNrap1u_o4uCWMVauMNuyeAgDA&sig=Cg0ArKJSzJto7aj-cx2wEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abm.js
serving.stat-rock.com/player/ 		347 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/abm.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 Kürten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
a43a38a9708da7a2593251425f3d4726934cc50f4d2ce4dcc80e3248f9d97fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2023 08:20:06 GMT
server
nginx
etag
W/"6566f436-56a07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
check
rtbdemand.apiip.net/api/ 		169 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
14b143f3462fb0d2d1f0dc02504ff7863478378ba065c9774d71bce1a6e13d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"a9-gIv59TRlADyilHfn/Y4J3K2JBGc"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
832ce40d19af65cd-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:50:29 GMT
content-encoding
gzip
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2133
x-amz-server-side-encryption
AES256
etag
W/"aaba284d2b2910b9a4f56befae1e2e69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
KTJym6A0zLAvwzklZrqRBn5CQPp3QqhQ6z9cQCsgm_KcHs-mts24Mg==
prebid-custom.js
rtbpass-us.andbeyond.media/ 		610 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e3d92275a73b7d10f1b1db5a8d1b372f9bef00af3116b07c64b355fbba6779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
K023S665M7JNS84D
age
98
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
193175
x-amz-id-2
LFQZ5/BuhiZEtNj6tj30UGuTva1wAoMNoy+9m+0Emn3WBSmkOBU7UQrEStemc3hNsMVkGybuE6bcX/LweIrR4A==
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 14 Nov 2023 03:58:21 GMT
server
AmazonS3
x-timer
S1702121162.790620,VS0,VE1
etag
"cefe618333ba0d9574a2870431dd1593"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
1782
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D0BD 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:13:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62114
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:13:50 GMT
partner
sync.search.spotxchange.com/ Frame FD52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECdVFxE1lAsnafkp96aTB0o&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame FD52 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame FD52 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU5zHQW8HfqLd799V1But5fZi5ZTzDhTIo4U6CShiF2hdl48ONc_IsP5nguJQ6t2bEBQ8FSWp-ZvD8foGYDvjYh0q1S0EfOKGltTheN3cdLoY-OX9gUQxHcbtthBLNR9wjfaU2WafwmZX1SKL-TUYOF_mRpeSMrrywrSkYeWxpITIDWtgA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-828580-1&cid=314418580.1702121160&jid=45175566&_u=YADAAEAAAAAAACAEK~&z=2076340730
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-828580-1&cid=314418580.1702121160&jid=45175566&_u=YADAAEAAAAAAACAEK~&z=2076340730
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AC8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CC 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=523629007066&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=523629007066&version=m202309260101&ct=77&x=1&cor=1723389210711828500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 34CC 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BV_z0KWL0jNy2yW0YpIdhhtIJ0rIBYz0PyVnTrK5fTydkvf-OzSAul93wS3Td7Jsnru1xb4QJGKDIpYfOhJvETNqh_VpMoJ7hxrK6rLOCtPQxaKnYCtTahiJ2fi2ceT0cDg76sfHRWCw-WAhRK5RTdWkYRsakNPI4RfjWb9AjK0wO91nM&cry=1&dbm_d=AKAmf-B6IUpPKsQ8gmSATTT8fPZhdaI4niL5_AXW_ZFVxyNM3vcVQKQQLa2Qb8GwzlgaJwzT_rPjmCDbBDVQ7Jgs7mv8KBX8j0kCPtRoK7XxUvgR2KbGDzXXcKXeKoX58cDBOgsa-Zv2Bw6vI-IBOS-Ozb2PK3I0W2mp0VJLZvi2bflih2lzpn9c-L0UaXRbCujERrQbsMMXxPsMDSXUZ6H_w4gV8JVLR8_mM9OS4P0AiwR9wgWJXOUE1xNe6JANzKWL0mWDyYU5cUv6nod0fshj4hE70pnOLfOvufSJbzLlOTNrLPjniR_HJvt9FGzwhLuTlniaFsBPmtkKHMuJ6fi_stNY5WSfuUXtFFCxEKZK9luzIcnyGRGcOjfWBc1Rn7xyOXarud8iKpd1YUKmG_S9ughif4bD9C0CSCREsPXT9xgUm2ilwt_Cu26Td8eITNkNqn1-tf4mY4VEcpl-CjfKVIUwVHGurESrueaV44CAw31mIzxyG5BjxrTTXNx_TMcglFn3lnXu_teq1YHW_30a_gXzSQfc0SmNuW1zFqsHc9hl2VkDWEDbtBD4aLOfhjiYC-j0DinzM7rar0GxcO54lY3Xlg2jqvsmwaRMPqm8jjtRH3mQgA0zc5Yzgf_VjXCBAZ_c3ZGZ6JOMpGxoiujkr_bYz8Bc2VFRfMCsv15poNsHJgIC_ushm0QAUztYUOsvWKfggf7X-gY9KNpKug6zr4PsNO9aiAIehNnmnuELbfyUX4MmrcUBPIuZJVX5kbzyO7eRVMtZfKFx2cxuJAy7euVSVOpuUErxvfiD00u-YWK2ArHDx9j4w2AA728STvH-IYvB6ta2U3gF9dfK66LIO6mHhoCRKK7McRMoWcCBKoaquF9qfGTVDhKI17Paw-Bs21C-DSkUbAT2WHFoB2MpWBDAJTg77b9f6dtzRUCFormhfvi7ul8wiE1e24_GTPzdWuqE9RGWt45l9aprPT8f48dwfg5aiZLxliH_u6EDeOpfOQ68rngrpCnMfTegA1SN8q6eEo6-UBo6T_SQxl2y17ksx9ETSoT2_Q6taXCytui0HcIOgfFtK_e5Na40DesFUfciZ8w7FZKwLST4MiqXB4UbTd3mrYDB1LoUmFT2FYgZjkgdnstXchpOVF5Zo7vZHo80qq7PEvnA5BQ_y27GAoQ89qy9nWMU_X2U9Pihskztl43zsoXUoZpGtu_bLiQaawpKMwFvwE6h-V2nn0jk2ZhPMDemBk7oGiLSwwZy-fnkOnxsROJe4Je5h6g0kPk065IKBjjyW9t9uFQtgjSLHY5GZ_2lEPR9L1js_hq5HQ1f82USxwD4BiGRsdIRSz86pZN3rxiUWI3_yKFy6ssGfkk7-ORd60HbD3UgJznLzR1YRTMi-NKhhfUQMqi8N9cYniUq2hjCnqpGKwXSBSksHWm-Je0DKFtJ1MJHUTpFWpnUG27lQTLJRFf-eL9_oXCTWoEZet24lzg1iM06U0BL7KAEQcKreT1d5FEI24dfy-feaeyjzu80eAIi1Xr9qdFNOixYsCAdSZ7mPKOR1c5thpuplE0icohkCNAC9THGRHysp32A92YAj1RGrvM-h0pCSBV52OmW0qANBwpNcJrUAkyxKP2VVXP31SPisV1GbqK2UJglX3MbLdRBrqqMFwiaQlE9NcJvraqujLz3ad162A4lPv2LkTs0ZOAHzvZW_vUUPqq4djkDMVFcclCvHV-Dwtcsk2qxeaDXjFoZrNKt2BMLHUBa8JShkGkHPxXwRr3FSFH3e2kHOHx4gyeK2ztGr8i4VC6wSLi0tXJdPKJUoKIxsJZqZhby11u0mKYx1A7HD10VHjhUvRQo5Vb1offvhclMGul36RxHcV7TY-70ehhNJX6hQucr0aa9va1X1DHLzqwmApICs4RYLAneoan_5JVzWZjtdLOMA-pjeFbbh8P7erELudgho89JHtSZFBZfVuD1qC4NlT0ib-HL_WHeG74gHZxVGlhFhTT6wI0UmmRDBhqH-rRouJFQwA0NrzS6cAYrqw9iTNHrvZ5R9aTG9QJnnSXo_5yN5vXQYckWmItJIig1ReNgvUdvgeXbC-487JF1SW8ZNrn0fSJb5u0HGVwnHeQibXOe1k5akzJPm4c8bHJwTZWmLu7KNZJ_36cddOwMj8dTXnpPNIh0AhxPlaCEGSDfn7hb32k-Uc_atRH3S2XPDCBPYLf-28Fdnd3l1wukZDZ3SDjl4ofjrhWRM0CnWiCGgmFK2MVgjoov8mdQbYYz1lODQYMpKT2_MfXysVydjSfG9EqdN0qn64XiC5cbCGcfGJU5-HyB9U0Vspkp55i_SUENQf7q65ZDb3k-6KLMkchqJMF8kgQMuJO37xytsFemY8i9gH84xQ6a4FTt6UOzxSqPVUcPOGgUQMubrjIzaX9ZcsEpmXWC3pCkDO05lgjk25dg74_3RUAdOknfcS0fYL7OF_K4_h002f_j9MC6UYbEpakDDfNlBD36GZUYNoKMMtAHXpZ-STB_eDYhOG3HjfC7HQp1whshlptLyvon2QoPJF70WKdMdQHcqyhUq-HIcZbcInh7RM_dcq9IkcJcCvA9QNG9ZsFzhJAeybud8mOVn_R495tfxKZCzeaAg9I2hACickuEnuUJxw3dVeagzi-mV8ibjJCKbMTGJezXb0HKKnDSzcdiYjqn4yyj3Wv0rpYXVXgGMqxgFdE__R7X_0oWVBsJyj6YF0lr7cBILryIwG2eAjh1dthxxjD4WTqw8MSulVu1jTJE4iTYh-ZfSnYr2G_hTh-slBvNqTzXSDm9yNiOXcM8y7fHmRGVPPm-h_pzGwkcMsLQKXQ9EBPd0iYv8LJMkqwfOC4ZMe9oVqYU7kVN5ZszbZ4wRsXNBIkdHGVD_FB0Uidu96lnO82kEq6VgFAqARPimdR33MDFP5FR75-LYPCwbAzj82QGmHyK3QEC2lThvaqJO80w_0HHosoDyuYm0gMsAY2kypPTlNMk9ktl3Z740WsYoRzLURUVnh04d-w0jEI98Rvhxe8vN39pta-AZpY24NwVeMJrKoP2uFvEDqfv84mjGse2-EkPehAgaIH6SnZmi1WTQz5QmFO9_H9UEgTAQa9WxnxO2je3iStS9IBGBncDtTFKT7szCCPzO0O5rqvGlbbMfHoUkzoBFEtIVZQHgKZyPqC7k-K0MhZX5W4P0dY30uYHQ8OZNbFm98AtmOlVmCow33mw0KBlRPYPb5RqN9V3oWSOuiKjxSodw7u0etAd1hpeFBxG6noCSxHqLHdsscYE-sEM_OUbiVrMglguONz3xNt29sdop7NBW5FEeh13ggvtrV-dvrweTyfa1jYzf307XTa2SOXG6hdvkO2OOJpULyPqG5OWIWAyJ4AVjHMQ2DAtac3xID2oqG5GmLaOIV0zzpU_STuIJMMs8xqMIPx8AtT350M7gZDeFaXzQRS3BnYpN9yTrb1vuR1J0SVgwv-clTIoUABLG4LM4wixFCzfYczT4yygC1emt-bxLqTwv3bVMIaMMIvU6q4Q5KCbG2DBqVT9srb2qvAURDYC-t-LGilzJDHc6v6zRpgmqjAemTAGgma7olE6NNXdZuTVaewoe0-VXzlIIcAwXcRlkCWh3kiQtuwXouD9n8G3N3cbnkgKp8luvFFB8DxF7V3aNh2r5_jpAYpF7cZ9Xp3G-thQr4Py0_pwYCKPSa4X5MAbq9XX0RnotdElosrdm2AOVyXPx0cgHfExeZg8VViHN-0ZB4zrRdiuc9vEitXUxKz9ynhAn_IfBUIa5UULrNGHR7enl2-K8ChulQRE8IhEKE9YJH0XuSijAzvHTSE-StIdYW6h3xe6qSsVOLa8-di082sp5OkEtPGD4xJNgEbwRbNdVOZfw9sWloU0khfJkdWQPpSCKWYRSQG9OemzpEb_DyjVMuzZ_D9t9D-vNE7OFArcz82RlIXXF_40sIIKFofMhpp-aNytKEqYX3sOTCXipAMXrSIesGKb5Zhi54tJVU-maTA4BJrX52Ihlhf5SpkB8f91eMNpd4t8IcPFniSdGPN2uNI2O0TyASq1zdmbC5ewx0CcQK-wvuGxV5WYVUqTdYA5YMipwAjW0FIExqZNwNfSqMeu6DsHt3foiL0jrft-ahcD__2LedHepsMGOUkZ_n7cNiTT_G4bE_E7WCQHMqHTbrDwaqJYaiXl_rM-46V52Wh_1qk&cid=CAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=1723389210711828500&adk=3690638928&idt=239&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2e0355daba5ba9cd556dd5043a5b03cc25b48dc4ad1ea7cb4c6db84fda840a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13914
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		585 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/66207/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f67fb7114b84fa6c41a0f5d95923f8e7aa8cfe3e53a3be34e6a0e9e828219f6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
last-modified
Fri, 08 Dec 2023 15:59:30 GMT
x-amz-request-id
MDTGRK0N9G78T9QR
etag
"584cbc3eb154c4ad022436cb85782511"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
c
accept-ranges
bytes
content-length
136556
x-amz-id-2
JhqZAFB4SeeQPbyjpa2LKGVYXobD5FinxtCvoVlVaurfziD1tCZn31DVuA3D2m1LLotoQVS37pM=
expires
Sat, 09 Dec 2023 11:56:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8E6 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4866042023670&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8E6 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4866042023670&version=m202309260101&ct=77&x=1&cor=17467128980463888000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F8E6 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdFnEetqQnaF20q-Hb-C7nOWf0DbyzrYJNEKuXgyGEygNkNY_K3CPXZaerYMlYfOzEmt05dGr9yGEZrmtSSSGECP6FqmE8vGqp8jPYiL49Qu3xGI4tIED2eYOQGJ7fKRINUfSMT2DK8LOJ673uZRRMJL-T8sc3IWkntwgOMhe-M_bE8YE&cry=1&dbm_d=AKAmf-BlvaHRyElZoa0PE52w8d0NbT9quIQZJk0vp_a8-qZdJlMXRNOwxcAYoXvkE7hbKwvLm8Gaxjp500itzZfaNRXU_30ghb7_4lMhpnY-ZXy2mNjf0AVnYWHoDJyYZFbYkYUXxL-4dB2oBkOuZoSwD8zwVVyLTwLlOOmiTwiS0AeqcVBkHTsPpiM6zUF9dhwLu4KUJKF6K5RjIBIlB_0Zr89r8bhrtFvNSCMS5--0KzcEnr3xOImMJM4Iwr02B4pBc5K7cBHJGDIkbx-wO35CxLib7IFdtwni2GhwX1WPNk_hD-b0MfHGdsnZY8kzmirAmlmKZTptOYtm24jiMSRBv3fE1y8-htQpehuSbskV6OrAgSfAGpaoVm35pTFJgU4CVSRsOsXchtj6eR2EUOA81SBgnefU1JIuVdHh5fYdeXVxZiViVFcUucdkFoXyp6oN1d14cAlhgCA6Vzhubj_onDwKubCnXuCoZL412gpUsdyyaXUVdfs9TwKa1BypHYnimZsnxzDc-6kj1z_2set1DPve6HFXdjg2vmbZY8s4oR6BHvMmH2XV0446LTZgy-IB0otOTmzKTDkLUeodse8A81fF5eSXtjt6laWk4HU9nSTCz044z1rbebI2wH8SAE7LHhVwXLDTEtOfjp5A_Tda3VSeFc2nIFmcWUZpTm-yR5SczAW4bqXUmOuYDoYBz2IKQfB4o7jJVWvRVHHDVq6cbVeKtMNxsjSj1dsVkjt8o_M4Xj0CescodXK_a2R20N8N3h30km6TcSnC3UnsnqMfHb4XAXxZBWrYXIO_E0p3KyWLyHCrqwg5XoPiiFvAsVMWYa7WPZplvDTStgMMnzWaERg7XtmFl1I64RQrXrkG3gzSHqb_cqPFcnSMUSir-AVTprsy41OX3GjWvwGmpDEyP-jGOYQC3DBO8ZpQVnxbnLHaZ3onQZHMjcVoomJhMGwqHijy1s8rBN70oftCK6UBBMIUNn1DXi56fDJno1l7idLKmKEZpqZOtPrjesvEtAylqxo9HVDynPiYwGIYOLnszmctx_v1ge9ti5BPzUkpIuQy7L93QMMUVnVSLMwDb_eCiHlkM89j5MmSdKZP2KqvXrVcBFdcrHy3tEZafDQKyRRr15ojh_EBL8-42NL1CsSlfzLyyxNdL27Srd1IPdzMStIDLckUz8m_j9t0uUtq7S_cROgbBNvGbog2s_k3YrW-LNFf4V89XPj9A82vGfRT3mEt2ZO2yez6DNm75zSfnhAWEFVnaL1_wUQ4H5TiJVh-OyjBVGf6qt6YdMb00Jl2QPQm7jiaIjILVT_KyZMU2lJEDtrnj6PtH8EK6XiPZ8CeS4WALEdJTy_d0jqKnr1BJRkN0eaIyh2u32UzoGUnfgnWP4HU_47F3nSGWa2pgCALTR8jeKscDPLJMBBTS55JtzA3LD-CZsqIo8HnDi5dZy5R_9Ad3l5qi73W-wD_S0hTdSqF6RQkrWOisuj-mGGkvo7k2FOhllJwX_LePLTj4Um_45hgC9UbEdFNHK_Z14OdxAdVMmxvJOtu8yDq2UxK1s2Ppj7TXddBwZnrHZkKmsMFBQLuwFHtyxj4_WKomJOuCi1TAwtAC1tOBw_Lge98XWZlH4KYLoqYXEYKsosU5vJMCoQUYNWdPDNbjB8854LY_ruhs0eZMBjruFrhXvQS9hHMt1b5-obI4D0QKF5pgNfdGnm2YI5RR9dY2u50NNMFLjtKTiQEV-prNW2fA3LqjhGaEm8_jVofROLxkjcO2f6Zw43EZoFW3hUq5kZZAAS24IzGUW0lTwj9MjeX6IYafHsVGk-goyP4L0-ROk76E_eSYF_o0mw_EvuWLNA8iz3QJpyrLaZf7zy9ifF_0h5kIxh17MzxXzgqRClDxHGxktfbgRSDsf7DfRbcFDUzJDIO8n9m3JC-s0HrtybTj3qX8LIRsjVWXfEh4Q6dddcv1fxtAyBY05h7FE1utkRu8IpuXdhPo1UgHoBb3H1Z6iarFZYl7Znlnbgw9ryFAhlt_orzYA3WnaXQHd22dvYpqPoL72J_phqdP9_hvqbQBLMFEm-fvbk67Rv7YB5LGBo28kwiJ3NpFCME2wgOWq-wCLrkKn9PmiUcOVJx92Wx0RnGU-x19bavyJUOTZ_r-JK4YVqCdAWSDHYz6p9z8kk7Ia3UFM4Jq8ZRbgorVt7Ks3GmQuwWkbhhHMx-6h1xXQCnlRS9FKq79u6nBUsmsLYJbOC4xsAHDxDwi9QmWeu1HYtm8d9FFSBxyqgmLTjFpe7FYlfuhsSMDm1S1lmeh87ZBwAQW6ZweT9-SOQae2rfxD1n2HmkuxAojbwawQlDHBeFeBuzoAEsNXLqVeFAo83mZ5Ko6frPnfJuZVf0Y5Rz5rVim9WJ2vyOuvRUXQFwRu7_-oMdl7ukGXxf6MrViRcRMH1An8moV7szs7lU5R8TjziDOB8m1JWDdJ45dErCZZC6km0VYY-KHZKNhoBfR2KRRbn3XukpJqCS494jXV3-6Jhe120pKdZngesp3AiMMabNCq42OPrITVcza11gLkudnbp_cOJ8tIw5Ur33V5r-1loni7_3zpM4Xe5Udz2jJMxf_lgLBdaG3gaxIxufSm5sQPOYuJM7hdtoFUUptXez-4-xmZYjuNLV4XW8hu_DBYgzzHa07n2sF6JDPXof3sZaw0ovpzeH0WmhwMyTfbQU5kj25kadPPvP47rwxYQGXFK9DH0MHCTQ5vDcHe1Ztvy5LcTtI3nJWDHEr7RmA131R9DwXX9oDlkE2hrjODwwC8co3eB5wbuaH8boZvyycKb9dH7O_B0RxFqWuLbG8vbhHlMIAXg-PZ6U-k-YKnShPmhS-x8jje9ZH-5LnakOISi5NsTM7LNSF-g0EPvYIDiNW09m7leB5CzN4NyGATjPaYdsQbVDdCfTVYJUzwzyWR5Orgxy-jWvshOP5g4_yZeV7BuhlJHnE_J4f3FvCgGncgphACSDY6IUsj7DLF4B4tH8LXmDisHPv5y1_rC0kUxwiJ9d7iY1H0qeJTe7M640sBa5kYBtAzUUSpxNHasb39pxMhg_lGukMmirjN1o762wfvVtJfxavgdEc9CGT0Kv9OzXTb7w9mFmnv5ixzX9doyr5hDo2dUpWeCXOyXGhQS979QU9pBdAqCE1XZA0QfvN0ltHBfFY0pLj1ajgxlzi48ujfS3e05u9yCPos8kuddjAv_oMkekQW6MI5bJL78dwiq4jr0gbh6RJkc884D-mnaue8tdSx1rm4x-mEZezr7MKpNqxJK6yXw9qJjQgzMBacCC74PEG6Doiz-Vcz5c7TQrldi6UWk_KRuHWlekfjRfK09-AMDPBTk1j0g1SlvqLOY44dMFWkDYl7t7hJrKd9FBPO0vdFBWNBxmz9viKL0zXyA7muUvFG5Fw4Au0bFQLVDjeVEJw4xvaNcknT2r0bSe9pa85y7Iac9iZfxHh6jL1HSCKofmLeMjp1ge6obY7RM4oEd5AJiGDFKJjEbWt2ZK8CcOhzEtLDI5c_WC-Z93sLvHYxs2NnS8Lp3njKyIv3Yniv981kKaj8chFqRz7nm3uP4Z8lCt0aZIs62bXZDKsY6O528b_GA7jYnr7ApFdgy2C1p-5ag19Jz7mnU1mziKyo7kJJNRpObBEcb6P6Z0c3pDn0uJV8RsMADf6Me21n2J20YVLC_sAIAYBoEXYXZ5PBmoHBl1RH-7vcga7sGu9gH445879Z-t9GVTXjUP1FQYA615fzpUl5oy0ZQCQNZ15iXVC1RC6UONHCtjB6W1OhLr_cMl3IQHhvGEn0V03du-W-_b923WYqxFcwrij_d1T-XaH0S9g4kw0poSSG1Cx2yvhvfBIQt3zMCDaKf3cWhRdwPj4gJt3Nb1rBVSxNjRHRs3letXkvnSreY_hv5cSJa5vdgBo8bykA38yXw-KHyiYpqrJgSztsOGcys6Os7lnaV2xwOnemaqE1y66_LJ2XeMMqQqy4P5umj02SWJnyjm_sKuJ27yLm58xXIi1AXDhta8NNVuKVway0uhCj2-BF4WosXHtr_xN4cKLN23V-3sFSVcvDQ0Ib09X43COFUJjEfglAoqDsDmG4UAVFULbrWUqlmwPKqDffvNyhsWYjbFCL4DQ6ogLDJdbyeY98i9T34GfUSeXrUu&cid=CAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=17467128980463888000&adk=4188270524&idt=187&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35f9138b6452c07b1abc31ab32e0a7a1edc2a4bc7aab40a08ae7dac413689c2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13926
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7841191587761&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7841191587761&version=m202309260101&ct=77&x=1&cor=15322009557847505000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B1F5 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsiidY5ZQa5KPrSzcMPvrqtVQS0zlhk-iLKnqIoDC2RAKB-1Ar3Yf9hX1luZ8c_1K7hF0YzeJItvWvcNCYAD0AIDWquKSsZslQbWm3kA6oweM320nIkwQv6xdkn-lGnTmyoqDbSXTAuLHxsnyQTxEJSoTd6lF8bPGxhKRr-Cjzi8jvq78&cry=1&dbm_d=AKAmf-DakNkW9h8Dvwa4r02boWmHletC0HeSriyk5ugWawFW2Dzoqz48N_aOyi4vCUflvPGRCzTrMHPB7Sf6jQ9YNrwiqX3pXsztsehdszAfdjtfpZd8eoxzdzvRdxr0gJ0xhUDg56aPkbH9PtMJZWfle2c43OcnGPOpEseRaq_jfyeLoim_lUtde2x-nHRsrQUsDjtWObCIB7nEZ-lBWSiU9qwk6aOq-W2nrpU3eYLnZKPKP7nkZykUEY-tGOknpfoWPbdnS5t1X_0Dx6by9q6uS6GRTqakjz2A6VZpj7kLej44CvulUgrhSHHaiwXYrbNab91ebEk_2APoDeQ5wY6_KEFcwpisEq5RjAUNHBaj2AXJnqyiVVjssC56SPqjyro9YyprS-BnPRwKsaYlWumV0kZ0eMWrSA7Ot7vXPuazqoihn2jeUDX6zRKdO5LsNxfaHOWJwrrdNujeEpY0HxGeMeVkpp_u6AgM-BN4WQsMFXV4Nihpn7L9znFL4990dH2cCxuzExFQGKHBUiQRc88uimRHk1vi7CBTjCqWzWjk9ord91o6-_DRBDiWtT3GZ09bAuP6vvnbTr__8R-56T4AR9HNGZ_jmlI9ssWImab7pkml60veGkmASXNUnORtLF_-XEPPZEGx3OYA1uuMe6DQobSLPb7dbzl5w_Ut1R5fwdZNBpUQkORSs2wXo5JGZJtfz9N4GwmaRwPrwF38WPblEIuGTBwpV6eo1RGq6G2CFD1WSUqzp3ehTQmmz7H9jmJOZ4ttetH81X7kT1GjjjAGUIVR4VAdAzcUHZ28bVFbY_VqMATvDO8rpTGIGYpfDT51UwbHBrFzEfN04OAndpv-1wLz8n1L4I5JslQRfVCYMQpHWeL2ppfx8rsxb_-vFqwwPS6gPvHeDWzXDZ2UqUx6-tadkf8u9ZJAICHF0cxwgQyCwloFL8sfou6EdT4Qun1SXk3qSBioQKgnNvGAMRqrU9v--nrIoEoxEHM9GcpW3-T4fPjiGG3ib3x08jb_Vgb6KZS8R_zOfwV8aB9DBK1yeMk2P49FWk9Egkotz9qaV76sw8TOzy4i-dVNRjB42hkMpNgaOO7O97t5UgYpCMz7KRlDNf4Ef_4-nDK1_JFwAqT6FnQ8dfhPt_6Wf-bndh2tBMLTNOenFnu35Uh016z8oChUffoKYXUhuYOyqTwTdhczRulAMnx8DNNM6lIL28crOGFtL6kO-Mce8IxMJVYLseDSkek87F9JhmQoqBpVxj3_iqwwE7Sp8Awc3NQWsHXkLH6C3qmKLuSdKB-3mNRg4cgyb9kG48NM-w7sQWv1hdRlMVBs7xWOVfhExspP9Q4N0_PGVFXylNVxa6N8Q2daaKolkmNxjJ8gO4lqIRl5sP0qBymnE6YrjHp9qPPISnknMUbQmJUx2bh6T_EGGgKIL9EoEDjGSBfFR351u7-cT6j4FEIvnXmX5AG28jLtU_24iqMk1JVP_W1IkrgyszdFyZW-HYJ5hXjkzJ9QxWsiy1tEEc4TYhZ8ky4IVynh_tux1PRC34m8nryKy_EmTSc5mr4MwMc8_1MWk4Bb4wVlwxKIdp7x411eFJ5Tx_oNSkJMfh9u3yKT9Xho1yuNNUILW0vS0RJ2QjZuY57gLsxGdb66n-4ioMigOiD_cXjhkLgzT7YTaRk60LiG8RsxF4lpzmugEJ-ewBmOilzHZoFEqQYpFuHOkfNEu8xuFZPcl--MBRBiN9e1FRvPbRBL0vcbwFne6rMF6QY3hz-lxvIgsdimKrs7WUvfD0w7kj11Et7SROAh3Ji3sEmEB7_iZF5TgCegS2C-96ugsNJIZqMUxrOXU6nj_vEElQp1fj5gZ7fsOUgYzynQMkvCUdzh71AR_TJCMmCxngkVes6DG6wQLmCKYATqAjraHVi9ax9lc7br17sdM1l1mNUeTsCgIZ6NVDEA5_iFV7DcDIJVqcs44VGtoowI9bZ7Vmcq2ALahdGh_VCa2FSEOqk_wb6cctPiJjMulzsN6RhqqRdzJCoKRVaPXRGOCmQ6bgClwJbW5TgEyac11sG4vTb1otz9OwgfjoEbdNM7CWbDhd-hO2Q7SK3ydNO1ZHo8qT56I0_ZDBAS2lv1Gj_F5YEERlYyGZ_PeaBDtlUd11NuUXyKX4JAcgbHnLonciRdqf90IYM1h2k54qXvNF5Sw675-y9fAkKFDYW4jTLEGRpiSrnWikiuKFmVbJLaPsi3RsOg7ttqVBfSp-N4GB7ec-BQ5x0ctxtGuOLk2bkKwFiINULRt1fpGcVCIpdt2vdcnCkq-D0JL7OuTte0mdTgVaZjxFOBDXJRta5QrkxdWoLZzNasC2iQwfwgfaEPdIljRGFbeG3xRNtuKEFFflJi_5gOmiYVH3E6A5tepIj7TZ7j1z-x46-USAzew9gCz6TBFdXmsFxl8Jj_I2qw6Ia6K74Y6HyC06R0WAexIMZYwbvbJX2nkQOc-gS6FRLpYRj9uL2Vr3bNbQXiuDLo8AsDGZSeTDpKrCzD4nAzmlXLunYz_6divNthCkDqd3vV_KYyoR82FctI78683Ugyv8moXb9af6uQI0fvaqHlTg-j0nbB2XAKFQ_sRaENNLxZtqTdpTgvxnAUEb3g9Fvw-e06jJmpgBNT2t1x_q-ixKTxv2Ci4EiP6MVPfe8dVkatirzrMqXXindudcB72IYOSrgmfS6G2IzV7aaxzBpU-3Bxot_6AZYo4qg9RdfmyNue_e8ik8HDCrUppbSQp397zvl1vBoSOUtv7S659hwkS1eKh_I6aYclJNaHdQIqCidtp348msn1LWGeUlg0RDDMGPgAeZRnQTUvkj4JBLMBnlcrzSfhhb3UpiwsHUBsrmq7j-3rxkAL2b6DYSjJ68RzgnjvvnfkC0EP5b7hx7onD8KBqCDsreVkO7Oj3ncZksfrCMKLhPrdZO17VTY9laMhNmD7K0HR373Yzv_TI96hdhegFnFHpBklrl_u6JBy8VpTgsmxtAzLBURHTyklVCvl3adC4nfYmrLuaTngxFnkGlBFof63lBinFkm43KE6_Mh9VhO-1XMaWU4cro-HgmpDM6hxXYinGr0VuhjDS1amRs8IHot00gnURxfM-bPu6w1ldyqR29axofaowXZQNzGSYqK8Bad3C_Jzr6zXUwOjPywmEqPGjqa0MoLe5OxcIyfDbtMV8MCsACuZ6LXXoQawKNutJJt1HidsoTYiD9Wg1WX2_y_sUDdUut3k_XslFRYBTzgVukjM6a0Vl-ptptYJnYZaHNALMlhA0xbqVMH6puoHvgugihfXAOHQfy2ua3wUYnOg72u5Ry-eW27ppRfBhYPqaud3tnmmhvnEebyDzfXkYtyxnvO2Nx9E-YpgCTzkcNoFsing8-xmxkGFHitZxD9ZFAIehKLSjDd5-0wizHcrAuJaIRFUuFxvbg-4XSK7ki51QxTF-Pc1jMmqklL_xoiYpaEhl0vJD9foaQ8xGlicAc7DlZ2fiEjz33QVOTLfmO4UuHHUSdTazcfF3XbLnofZpEIe5jqu8y5siQKwHRwavDdquFblrnOUvz2TNc3sQIAJLtSwzXbgjVD2k2ZR_3dKmqhsHXIKmAE1OIhPlrdl4qVca6iBEINRZ0bQDlx8VcxpAlgoNyf9ci8EUnvqEgzhCnKjm6Q1nNiBrj_w3CxzHk1DaI7I8o-KgZx9c3eXJmE1kk9lZWUWvjAQtqwsCGd_mWosNqAkprylgWKnxo9ZGsmqrJJu6j4PSLBh6IVfrIPNl_wABsMmwjKkceNZHHiH2hV3Uh1TybZjwPL9KMxbRex4pHZHk2hFL9yhO_2vrdBC2LW8SRt_LVZ9wlv3AsFFiFK8vFnocJW4tNzhcJ1Xu9BCMLJOB-CZXsKQoIPILQC8b6SrBt7farLDG-anQ9LxAqj8aVxHC7k_OX6TJ1cbyXiLtHva7Idl9kHHesQxRyTwJUxh8ENOrScWmM8UFPZSNjcHv6LKOrAvSXfuYSZnhSxcJBDOKGhBaKQ7M9l8JUKjqZzCanN_qLJqDcxD088mvi4YM1hZdnhHt0guCSEb3307Uqfj6NVAapv1q1Sj-9JqFp5gtVnN_LlorXCyd5c1rdf1eii7G2IQSDAAccvf7Sksw_m_R-2WXOohCeZl7rkY7k-xOP8hW3Mi1wKCTbYaDlwVp7PefJvH-3n2CeMWwPqVTO717G9NtI2_iulHAhtvgSKx_XjY_mSxjh-kvfBe0jXvJbgT1btysLyI2APMWQ&cid=CAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=15322009557847505000&adk=2004672171&idt=192&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58331bbd46c0b477fc7324175af41a72a49e15d5dc60e815981749c39fd79702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13879
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA92 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7AC8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AC8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ce8mJb394jxH0SDYu3xMB2hlxOvouwNr-WB0ST7NF1GYSV_uo4naxHfox3ZdmFdz424X08QLAbveGYt0M-ZoOLEeivaUUvOE09-rM-9TmnBbriLLQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7AC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7AC8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame 7AC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbvAldQ5Al7q4hld7NeDV2Nk-Ti_RSN-gafFmI3_Y_xyo88XXVytp1_4H0A6JwHMSXsnQMLvBAOEmpwXqEPXUtgaHVtA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7AC8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5982318479145&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5982318479145&version=m202309260101&ct=77&x=1&cor=6124800881718185000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F4D5 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzuxeFbl82_rhyRkj3tHh5UdPzkx-dAwDoKG46vK6vFMB5XGqXjNVLUhW7sD5kNU0OAddGQPrP3ewNi4JKnTJB7Pp8s0llhAuhMq3JDRtHf0sfFScRr2KnX67-T7D8LRwMaQU6lH2z-nihytj0ZWME3_7IoKFooWd-Oo4rcIwtL7HKDVw&cry=1&dbm_d=AKAmf-DEKicUXC9OdqeoZGMvACGCoyvHWYMtTkjT_sHCYovSkocVxSx-5HLddFb6B7D-9BcJ6JSSP5daHntfiMkBpWIVWtN3IwaFtCxAfDBx485gI8cBGLjqFDUDXgb7pVvSuirjD1wrs8InT2AtK2fASxDJi4kB7bUPdKyV185pfPy0BZOQaMBy4oPdX39t53LVZ58016ZjMpg2hnW4MtopRDhm5tLdoI-n0mnpYXVC65As0gNyC4SxDrczbx97WV2V0_jAaiKyJgfar-iLTtWdmauT57y4-jEs3yLAehUnjN1X8ftBVQ1ACx7Ow7qrK9bAhKAGPYBX9OYVGvvi1ZKTmzsZrokC94-JbkCg3zFKlUKkkJM6tdkT5t2ny8PgTTAbsHZzNX7y5avciFDbMUPjRg8Ouy2en6eqUUAkoDW_tLcZxxHp_dG_ZZ63eBIxF-HCzT-hXyjW4UsuK50Vb-dWMjwXINkxSHpcFmDpP1tvb-t85jI3Mjj_b5XlATwUHax0-903oe4NjZsbm8kkeycpgX26sZTDg4BLaRsY0FicEO5sOXzVghlGLdtbjcPv1TiMV7dVO_sD9ONEWIn5-CTi-xvNa_35CxHCy7Qypk_L17_zN92XGjU3g5UEYEYoM-crl9kb2veJMA6luFMvI6z3IMWRFxq-mYot7PuMBQaOIqbav6CxUxT1mcUo5Qhu1-c8E4EHyIeIKCo2uUFAmS-byw4x0wkNovYL_c5ElT4aPcoejxkGKvzHoNVeXoVPhH0YU-L7e_ZIF7V8PP1wuDcLGwxjj5TJht_Yj92_nmTvZUdWNYVD1pTj4qGoPCSVgvVX_PFGwaRng9uSMKL6L-fUzD-78-yA3Oq9dmw1SfJRHzF_RSIVcD8rodx4f55abc4H9_7JdXUJHz-ybMQJipj-gZmcVGEbiIlsdUhbBmdvjXpzoJ7HVL9DL1RBr8GaM6dLuC9dK2Fg6SNRj0f4PYULnFlptti8sczhWwlbA_iICr8eAWR5PoUspGlNk_coNr-0hVnfOigVI9ucqOPDRseVq61UfDysdO7XVR9DnaT9S7osfiHJfPdzbc9-EkOEr52X7GS6h4UB7sP1lEMf6U5XAyfy-npu4sqKtlorUWjxVvPdO9CzyQr3HECdjkj5GZqYGcrIIQ_QETzEe5XO1z35QgA0VkfAp3Pf725LFFBiL3XHwS3fy6qIUw577PPuPhE_xlsEOtJr313tr0CLuMh4zcF7fgdlvjX-fDUViBoivWoSXbA1wHluNqPURoWGUregoHqy0Fbcwg8lP3qp1md_81NG-M3pA_WpZawdnlgEPTNueibfMrjr7d-xVgtx2V7_FJGpoVTsERCWIdKfDcp1DNjrklEEv5NFNnjEmHVz57WJcU6Lp3MWyolOtU3FwgAkoqwPhHWvb6UY3SG30gigSZ5nXb9Jv9DLfhTWoUf-jPIMKT41ecIZnEcTBdUyuUUN1KZmRE1s51PUuMmFoQb6yibz4uYMfvmWSP73sUFhzeiIPbFvcoUHSd26XA31kzLRQQLaRNoY0oiHAI3tljZ-bjHjaECGwScbC0MyL8D4EdYsPZWHGQJiWumt7Bd1WdSc_BMktKMWsSCVwjf69Bi0EmrPWdWChDWDce58Hjw3s6fx-uERcNb9NrfZj8bKAL5fe7aR0q5bo6dHw2bHSpOixE3pamf8PdCr5iAudUoCF73sb8O1JUI6sU20H28lWkrkuUDuclhhStaktGFpmnT9bl16I6P9vbliuY5c4l9iPIS0GyefzWVQAzkVCBkv7Ux3HBdU-BpJ8SPjHfmknIGzTvAI9QZwQMZANRvkWxwhSJLe9B3FeTKtTV0VTq7x3MuPy82cnwtmjkmIF9Re9C-7gIQdRmyxlwXNA77pXvDrkto5ZBalzRS1G2WTXQHMB-RCNAC7yKXsHsKCoBuiHe-XVEFHeHaFYXiiud_8zvRAivfhXBeVyZUjtnGfDl-ftNzpdkT9Sp3352H_kjSCuL0WE7apIB4IKXajgRFcabIFMGNjLP4Km4v4L2xGcgTIL5c-br_SlLhXTUD7rlDOv5NaOlbyRh96yT3ZAjdxZImkGa_CeUS306q9qUP-3LxuarC4XqS625yQWFRtkLKszI3L2L6n2xYu_LAUEUeZkMJNIZPTZjzxGUgfSJxXjkZ28g4kd2nOMNLcbuTq1XvIqj7VOd5Ph6v3PzXOUKRRsIw2XetwQfTV7rIvRPdv7JmFKicqhFDk3oO2fI9SjPzVssEdNAcmK2HsPWdkOQD7OHz4C-FQq4d13wthh4jt3D7IoK9_dxWIuFTs-SDYXQCEJXINT3GTVhQOCuXBMZkBFvWitQ6eOBZhXtxtqGrPfOec9lIhw1FO2I8dCFFBICGOvMfvIu4Kn3GH0LWP5c_o5OXm9HFC_hYRd_zaBZ5P4754D3h3P2zNXt_vwu_az7xtOTPlWg4BKrXAiDcGSRi-zjIvIngNoA6-t-hj-kO1huApkcfbqMAk1weudNScswD72am1wlSsj6tVIShwOuFhyeoaklbatSTjy2YteRwj2W1tZ9eTO_VfD8lls8Dpr-huqqKvfGTP4FF7JUL9AuqZLMi_PSw3bdP_iYr0tUagJPmuJ68onZfS5UJwgi8jZgdDevpUKabT_heCgXZIHux4sJ6ILHSt1b4caCzW4W69wa41VmzfU4NbpIsIBmWw1_50-DFDoG6BW1WztfdenGrVoK9mHeRJEBhKYRZgLzNrGcZs8IJ4fSV5J50RsWMp-BhDgyQdbPhSfQnXdSuAwCurLYR4od7uupt-pcJf66-clNo1lmvwA_W5c2zxIlPXKoeZu3PzSHo4oChPgN336PIEpOlvXXbCr44C1vJI8Zjzj3mhC03TCCU9wJDOvROwOikaMX0gnRpqIgk8YXHaqtZm5PIClsm02pFeIciMR9lGA2mO84GXlyACxFM5hqTtd-jXZv3vMVGD6CwMWLeYCmQG-8GQGPSNPQn0WtC0Cu9oZe87gsQhDtCHJ4NZxwmPcnOZV2GbkJ7Lro93wR6fIuqN-JqXzPRdL2gUHS8Lh0TcTgOFtUjDNpbDMKNDhCwRqUtRj4w81SdxMTlMF3jZ3P67nbyv7siFOOGvZggxC5VrjENbC6yWM8Oor6WXMLAkrGYELe3QBgWeLgRHEqFRkIZIY_nI9WK292CBJSHsEZ4cZAQSUa-WCmMTKK8S_wvWQuUgX5PgfhkiMqAkTpxrX3zayQYgLTePihhO30PAWC7CdP9d2Y349h73t4PwTzwVxAXGBbGtL6_npvB0z17D1yqWsVikbBpacYHV8KcK7YSK3mp6gEEubF2eAsvp7c5I9mY3vGmPF0aW8h87Nh1UlOjtcESKZIXG0yLp0otvjE7CJWUvIgv8Jko-yq9YztCv4sKSnF8ht0Rvraa2WLS79Rb1GpNNDS5eZfJC19JHoR590mN7ZrJ9D0W1o4awC1YcGDC6_JqJbn4hd2v-fFm7jKghFS4LGFes59tG_HTUpdmuvmdRn2xz1tqk1awPQsKQSBFnHXGJVJvtJS8CjkY3NxfpAKADCLreJv61YmulZpzQWsSxk5zIDtZYK4jvMAcs7LYpRjxqjyt1QNusrnghjz2b6V9gz2qxptoWlutF5DrxS9NzlIQHCJ9DziHNBUNqKcAM3u8VkljkeuWrbqkcNkRFVEtTbjlYEuPk2xxrxhEY0L045PhUUf0k-FdlxxrecX04yfq_sJg9EQ84czEH5800wCaZp_cV8cCALl5dcMKnKbWHw8GUIQpW526QTa3PLhBzkc39WcjEeHEix0fJ3_RzNoqL3WGexark82co5Ev08AqlrNHMHKofRsnmLGfeUjRXDkvLujzaeRECiyxSkWi0Lna3EcbogpdC1mFgIuPoaJu-pYSSm7FFOk8ea983aq_J8KBlkXcl3m5OouKwpvAs0o5oe_rIOPKc_9dsR0PsOWiJRNb1A52nvBnltSWOwdCZjhRisDTvIoDeB1gvpiy_I7uApJ-LWzv13vQD1vEMKcJExXbmX0Wl-0zgR8UXExoqvJm74bCUL6YIcmJf0TBV1vfqAA8HsPy4rFMAlp6ctNFXqeovivglU_6EkvQ4D3WiYXqX2qkeFF_7k7fzUHc3-i4t0FLh0JOVQDWbt4wLslR8EJ0gh3znQSRc&cid=CAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=6124800881718185000&adk=1033480540&idt=298&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7523c7b37ea5a51673506957c34a31fd66a7efdf842ff6a2b06e8c5920fbd339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13834
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGGXaMZGdZ0sOYdzFLW-wt65wMECJ82F03isBGG3Wu1ErgZdg2bW6uwjNi83I_H4yI0WZAs4fX3xu4lvY8TTClAVjrveoBYS-l17E9M2TWJqXGzU6dRE_WRUotWYHlqrlQNJQIPWHTCsoV618Tt7Wioss3cc7Lh1ZP3xpf4Mw7L8qIMFjn2CEqunm3S6XuP0HF1eLOzj1VNR7pR85sxDPx2IPB3DjnIaWfb2Zfls4CQLRUMaCONpza_GWKKjovLumVqydLK4FUVcTjiviMyrB7-YaXq-FiR2dnAUQoBeJGB1rzVYOysLXi9kLB9ipGNFSF0_CZcvbWmGNbYsg-dmT3enJMyoA&sai=AMfl-YTXLVMLsReiUw1DmRjL7kUxMEI-O3jmVN6WQk3DDTQ7nq6gaFBeNXWd4VLJBbpUfMXc8JRK_SbndCl8yUFrO5QOQZ0nO9rFVOEMHgvUhpF1MNEKQkCRXne0jLxM8zvOf2bsD88M-R2z&sig=Cg0ArKJSzM2Jt_ZnWVZCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 11:26:01 GMT
0b44d83f8c460029bcbbb6028ef1ea242eaa622ed
handyfireman.com/confirm/2a6ee3d341d/ 		303 B
813 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://handyfireman.com/confirm/2a6ee3d341d/0b44d83f8c460029bcbbb6028ef1ea242eaa622ed
Requested by
Host: j93557g.com
URL: https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
1bb94b65201dd8134b73250cc2bf2da0bf7c29a899cb9bcf7caf276d3629ea6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
x-hostname
fen-hoothoot-europe-west1-test-cmwb
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 09 Dec 2023 11:26:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F8E6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdFnEetqQnaF20q-Hb-C7nOWf0DbyzrYJNEKuXgyGEygNkNY_K3CPXZaerYMlYfOzEmt05dGr9yGEZrmtSSSGECP6FqmE8vGqp8jPYiL49Qu3xGI4tIED2eYOQGJ7fKRINUfSMT2DK8LOJ673uZRRMJL-T8sc3IWkntwgOMhe-M_bE8YE&cry=1&dbm_d=AKAmf-BlvaHRyElZoa0PE52w8d0NbT9quIQZJk0vp_a8-qZdJlMXRNOwxcAYoXvkE7hbKwvLm8Gaxjp500itzZfaNRXU_30ghb7_4lMhpnY-ZXy2mNjf0AVnYWHoDJyYZFbYkYUXxL-4dB2oBkOuZoSwD8zwVVyLTwLlOOmiTwiS0AeqcVBkHTsPpiM6zUF9dhwLu4KUJKF6K5RjIBIlB_0Zr89r8bhrtFvNSCMS5--0KzcEnr3xOImMJM4Iwr02B4pBc5K7cBHJGDIkbx-wO35CxLib7IFdtwni2GhwX1WPNk_hD-b0MfHGdsnZY8kzmirAmlmKZTptOYtm24jiMSRBv3fE1y8-htQpehuSbskV6OrAgSfAGpaoVm35pTFJgU4CVSRsOsXchtj6eR2EUOA81SBgnefU1JIuVdHh5fYdeXVxZiViVFcUucdkFoXyp6oN1d14cAlhgCA6Vzhubj_onDwKubCnXuCoZL412gpUsdyyaXUVdfs9TwKa1BypHYnimZsnxzDc-6kj1z_2set1DPve6HFXdjg2vmbZY8s4oR6BHvMmH2XV0446LTZgy-IB0otOTmzKTDkLUeodse8A81fF5eSXtjt6laWk4HU9nSTCz044z1rbebI2wH8SAE7LHhVwXLDTEtOfjp5A_Tda3VSeFc2nIFmcWUZpTm-yR5SczAW4bqXUmOuYDoYBz2IKQfB4o7jJVWvRVHHDVq6cbVeKtMNxsjSj1dsVkjt8o_M4Xj0CescodXK_a2R20N8N3h30km6TcSnC3UnsnqMfHb4XAXxZBWrYXIO_E0p3KyWLyHCrqwg5XoPiiFvAsVMWYa7WPZplvDTStgMMnzWaERg7XtmFl1I64RQrXrkG3gzSHqb_cqPFcnSMUSir-AVTprsy41OX3GjWvwGmpDEyP-jGOYQC3DBO8ZpQVnxbnLHaZ3onQZHMjcVoomJhMGwqHijy1s8rBN70oftCK6UBBMIUNn1DXi56fDJno1l7idLKmKEZpqZOtPrjesvEtAylqxo9HVDynPiYwGIYOLnszmctx_v1ge9ti5BPzUkpIuQy7L93QMMUVnVSLMwDb_eCiHlkM89j5MmSdKZP2KqvXrVcBFdcrHy3tEZafDQKyRRr15ojh_EBL8-42NL1CsSlfzLyyxNdL27Srd1IPdzMStIDLckUz8m_j9t0uUtq7S_cROgbBNvGbog2s_k3YrW-LNFf4V89XPj9A82vGfRT3mEt2ZO2yez6DNm75zSfnhAWEFVnaL1_wUQ4H5TiJVh-OyjBVGf6qt6YdMb00Jl2QPQm7jiaIjILVT_KyZMU2lJEDtrnj6PtH8EK6XiPZ8CeS4WALEdJTy_d0jqKnr1BJRkN0eaIyh2u32UzoGUnfgnWP4HU_47F3nSGWa2pgCALTR8jeKscDPLJMBBTS55JtzA3LD-CZsqIo8HnDi5dZy5R_9Ad3l5qi73W-wD_S0hTdSqF6RQkrWOisuj-mGGkvo7k2FOhllJwX_LePLTj4Um_45hgC9UbEdFNHK_Z14OdxAdVMmxvJOtu8yDq2UxK1s2Ppj7TXddBwZnrHZkKmsMFBQLuwFHtyxj4_WKomJOuCi1TAwtAC1tOBw_Lge98XWZlH4KYLoqYXEYKsosU5vJMCoQUYNWdPDNbjB8854LY_ruhs0eZMBjruFrhXvQS9hHMt1b5-obI4D0QKF5pgNfdGnm2YI5RR9dY2u50NNMFLjtKTiQEV-prNW2fA3LqjhGaEm8_jVofROLxkjcO2f6Zw43EZoFW3hUq5kZZAAS24IzGUW0lTwj9MjeX6IYafHsVGk-goyP4L0-ROk76E_eSYF_o0mw_EvuWLNA8iz3QJpyrLaZf7zy9ifF_0h5kIxh17MzxXzgqRClDxHGxktfbgRSDsf7DfRbcFDUzJDIO8n9m3JC-s0HrtybTj3qX8LIRsjVWXfEh4Q6dddcv1fxtAyBY05h7FE1utkRu8IpuXdhPo1UgHoBb3H1Z6iarFZYl7Znlnbgw9ryFAhlt_orzYA3WnaXQHd22dvYpqPoL72J_phqdP9_hvqbQBLMFEm-fvbk67Rv7YB5LGBo28kwiJ3NpFCME2wgOWq-wCLrkKn9PmiUcOVJx92Wx0RnGU-x19bavyJUOTZ_r-JK4YVqCdAWSDHYz6p9z8kk7Ia3UFM4Jq8ZRbgorVt7Ks3GmQuwWkbhhHMx-6h1xXQCnlRS9FKq79u6nBUsmsLYJbOC4xsAHDxDwi9QmWeu1HYtm8d9FFSBxyqgmLTjFpe7FYlfuhsSMDm1S1lmeh87ZBwAQW6ZweT9-SOQae2rfxD1n2HmkuxAojbwawQlDHBeFeBuzoAEsNXLqVeFAo83mZ5Ko6frPnfJuZVf0Y5Rz5rVim9WJ2vyOuvRUXQFwRu7_-oMdl7ukGXxf6MrViRcRMH1An8moV7szs7lU5R8TjziDOB8m1JWDdJ45dErCZZC6km0VYY-KHZKNhoBfR2KRRbn3XukpJqCS494jXV3-6Jhe120pKdZngesp3AiMMabNCq42OPrITVcza11gLkudnbp_cOJ8tIw5Ur33V5r-1loni7_3zpM4Xe5Udz2jJMxf_lgLBdaG3gaxIxufSm5sQPOYuJM7hdtoFUUptXez-4-xmZYjuNLV4XW8hu_DBYgzzHa07n2sF6JDPXof3sZaw0ovpzeH0WmhwMyTfbQU5kj25kadPPvP47rwxYQGXFK9DH0MHCTQ5vDcHe1Ztvy5LcTtI3nJWDHEr7RmA131R9DwXX9oDlkE2hrjODwwC8co3eB5wbuaH8boZvyycKb9dH7O_B0RxFqWuLbG8vbhHlMIAXg-PZ6U-k-YKnShPmhS-x8jje9ZH-5LnakOISi5NsTM7LNSF-g0EPvYIDiNW09m7leB5CzN4NyGATjPaYdsQbVDdCfTVYJUzwzyWR5Orgxy-jWvshOP5g4_yZeV7BuhlJHnE_J4f3FvCgGncgphACSDY6IUsj7DLF4B4tH8LXmDisHPv5y1_rC0kUxwiJ9d7iY1H0qeJTe7M640sBa5kYBtAzUUSpxNHasb39pxMhg_lGukMmirjN1o762wfvVtJfxavgdEc9CGT0Kv9OzXTb7w9mFmnv5ixzX9doyr5hDo2dUpWeCXOyXGhQS979QU9pBdAqCE1XZA0QfvN0ltHBfFY0pLj1ajgxlzi48ujfS3e05u9yCPos8kuddjAv_oMkekQW6MI5bJL78dwiq4jr0gbh6RJkc884D-mnaue8tdSx1rm4x-mEZezr7MKpNqxJK6yXw9qJjQgzMBacCC74PEG6Doiz-Vcz5c7TQrldi6UWk_KRuHWlekfjRfK09-AMDPBTk1j0g1SlvqLOY44dMFWkDYl7t7hJrKd9FBPO0vdFBWNBxmz9viKL0zXyA7muUvFG5Fw4Au0bFQLVDjeVEJw4xvaNcknT2r0bSe9pa85y7Iac9iZfxHh6jL1HSCKofmLeMjp1ge6obY7RM4oEd5AJiGDFKJjEbWt2ZK8CcOhzEtLDI5c_WC-Z93sLvHYxs2NnS8Lp3njKyIv3Yniv981kKaj8chFqRz7nm3uP4Z8lCt0aZIs62bXZDKsY6O528b_GA7jYnr7ApFdgy2C1p-5ag19Jz7mnU1mziKyo7kJJNRpObBEcb6P6Z0c3pDn0uJV8RsMADf6Me21n2J20YVLC_sAIAYBoEXYXZ5PBmoHBl1RH-7vcga7sGu9gH445879Z-t9GVTXjUP1FQYA615fzpUl5oy0ZQCQNZ15iXVC1RC6UONHCtjB6W1OhLr_cMl3IQHhvGEn0V03du-W-_b923WYqxFcwrij_d1T-XaH0S9g4kw0poSSG1Cx2yvhvfBIQt3zMCDaKf3cWhRdwPj4gJt3Nb1rBVSxNjRHRs3letXkvnSreY_hv5cSJa5vdgBo8bykA38yXw-KHyiYpqrJgSztsOGcys6Os7lnaV2xwOnemaqE1y66_LJ2XeMMqQqy4P5umj02SWJnyjm_sKuJ27yLm58xXIi1AXDhta8NNVuKVway0uhCj2-BF4WosXHtr_xN4cKLN23V-3sFSVcvDQ0Ib09X43COFUJjEfglAoqDsDmG4UAVFULbrWUqlmwPKqDffvNyhsWYjbFCL4DQ6ogLDJdbyeY98i9T34GfUSeXrUu&cid=CAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=17467128980463888000&adk=4188270524&idt=187&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc4MzMzMwogIHNlcnZlcl9pcDogMTQ2NTI0MDU0CiAgcHJvY2Vzc19pZDogMTg3OTc0NzI5OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F8E6 		0
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc4MzMzMwogIHNlcnZlcl9pcDogMTQ2NTI0MDU0CiAgcHJvY2Vzc19pZDogMTg3OTc0NzI5OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjMwMTcwODMxNjgyODc0Mzc5NApkZWJ1Z19rZXk6IDE5OTA2NTg3NjQwNzM0NDgxMDcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxNTEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNTY2NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3c7edb9b0b5989490000000000000000","13":"0x8aee6954da046a1a0000000000000000","14":"0x7c31c841f080dc7f0000000000000000","15":"0xef8713b39efb6ac80000000000000000"},"debug_key":"1990658764073448107","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"12301708316828743794"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vjdy8w6hewcq
hal9000.redintelligence.net/zone/ Frame F8E6 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1702121161119747&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
913995d0cbca6446ed962cae88e3792d7ee9c9ff7fef4bd7e6989096dfa0ad09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4323
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame FA92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9KH7WYlI9eC37Ifi7Wzbs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame FA92 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame FA92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 11:26:01 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEKrNfHFlnoJfSlV6I7CG-4o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FA92 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJTDg_MBMAE&v=APEucNWlHh-PK9oj8fFCKI8PLUaJEdp1XcEyqBmbWr9bLoKxv8DtM9KppxXOgt2PYoFc8qVo1JP34kQAESZ4a_Y5tZHmuQRWBbkJfx00WKTCiY6-8rfJDstryIGZlyXIvUY3yDF7Mzil7bQdR5dZX2qgGGcvwjx0o9obd-XqQfM2ZLn4N7D_8Iw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 11:26:01 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:37:18 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2923
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
apDkCMA9I5yziyL04kmh4Q8Jy-HMzqEhqNHtKo2lGIkzvWJBr6vwAw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thestar.com.my&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:01 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
1Da2dwTobKj8QKMqiJ3qu7vnO_c2HDbr6GBHs4V0glcp0onTXEjTPw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 04:44:31 GMT
x-amz-cf-pop
FRA56-P3
age
24151
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
iDbCxbWONkMkhsQKVxaznHaxrZHs3WqrYzSSWK41hte96oQ4xhvQ2g==
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 34CC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BV_z0KWL0jNy2yW0YpIdhhtIJ0rIBYz0PyVnTrK5fTydkvf-OzSAul93wS3Td7Jsnru1xb4QJGKDIpYfOhJvETNqh_VpMoJ7hxrK6rLOCtPQxaKnYCtTahiJ2fi2ceT0cDg76sfHRWCw-WAhRK5RTdWkYRsakNPI4RfjWb9AjK0wO91nM&cry=1&dbm_d=AKAmf-B6IUpPKsQ8gmSATTT8fPZhdaI4niL5_AXW_ZFVxyNM3vcVQKQQLa2Qb8GwzlgaJwzT_rPjmCDbBDVQ7Jgs7mv8KBX8j0kCPtRoK7XxUvgR2KbGDzXXcKXeKoX58cDBOgsa-Zv2Bw6vI-IBOS-Ozb2PK3I0W2mp0VJLZvi2bflih2lzpn9c-L0UaXRbCujERrQbsMMXxPsMDSXUZ6H_w4gV8JVLR8_mM9OS4P0AiwR9wgWJXOUE1xNe6JANzKWL0mWDyYU5cUv6nod0fshj4hE70pnOLfOvufSJbzLlOTNrLPjniR_HJvt9FGzwhLuTlniaFsBPmtkKHMuJ6fi_stNY5WSfuUXtFFCxEKZK9luzIcnyGRGcOjfWBc1Rn7xyOXarud8iKpd1YUKmG_S9ughif4bD9C0CSCREsPXT9xgUm2ilwt_Cu26Td8eITNkNqn1-tf4mY4VEcpl-CjfKVIUwVHGurESrueaV44CAw31mIzxyG5BjxrTTXNx_TMcglFn3lnXu_teq1YHW_30a_gXzSQfc0SmNuW1zFqsHc9hl2VkDWEDbtBD4aLOfhjiYC-j0DinzM7rar0GxcO54lY3Xlg2jqvsmwaRMPqm8jjtRH3mQgA0zc5Yzgf_VjXCBAZ_c3ZGZ6JOMpGxoiujkr_bYz8Bc2VFRfMCsv15poNsHJgIC_ushm0QAUztYUOsvWKfggf7X-gY9KNpKug6zr4PsNO9aiAIehNnmnuELbfyUX4MmrcUBPIuZJVX5kbzyO7eRVMtZfKFx2cxuJAy7euVSVOpuUErxvfiD00u-YWK2ArHDx9j4w2AA728STvH-IYvB6ta2U3gF9dfK66LIO6mHhoCRKK7McRMoWcCBKoaquF9qfGTVDhKI17Paw-Bs21C-DSkUbAT2WHFoB2MpWBDAJTg77b9f6dtzRUCFormhfvi7ul8wiE1e24_GTPzdWuqE9RGWt45l9aprPT8f48dwfg5aiZLxliH_u6EDeOpfOQ68rngrpCnMfTegA1SN8q6eEo6-UBo6T_SQxl2y17ksx9ETSoT2_Q6taXCytui0HcIOgfFtK_e5Na40DesFUfciZ8w7FZKwLST4MiqXB4UbTd3mrYDB1LoUmFT2FYgZjkgdnstXchpOVF5Zo7vZHo80qq7PEvnA5BQ_y27GAoQ89qy9nWMU_X2U9Pihskztl43zsoXUoZpGtu_bLiQaawpKMwFvwE6h-V2nn0jk2ZhPMDemBk7oGiLSwwZy-fnkOnxsROJe4Je5h6g0kPk065IKBjjyW9t9uFQtgjSLHY5GZ_2lEPR9L1js_hq5HQ1f82USxwD4BiGRsdIRSz86pZN3rxiUWI3_yKFy6ssGfkk7-ORd60HbD3UgJznLzR1YRTMi-NKhhfUQMqi8N9cYniUq2hjCnqpGKwXSBSksHWm-Je0DKFtJ1MJHUTpFWpnUG27lQTLJRFf-eL9_oXCTWoEZet24lzg1iM06U0BL7KAEQcKreT1d5FEI24dfy-feaeyjzu80eAIi1Xr9qdFNOixYsCAdSZ7mPKOR1c5thpuplE0icohkCNAC9THGRHysp32A92YAj1RGrvM-h0pCSBV52OmW0qANBwpNcJrUAkyxKP2VVXP31SPisV1GbqK2UJglX3MbLdRBrqqMFwiaQlE9NcJvraqujLz3ad162A4lPv2LkTs0ZOAHzvZW_vUUPqq4djkDMVFcclCvHV-Dwtcsk2qxeaDXjFoZrNKt2BMLHUBa8JShkGkHPxXwRr3FSFH3e2kHOHx4gyeK2ztGr8i4VC6wSLi0tXJdPKJUoKIxsJZqZhby11u0mKYx1A7HD10VHjhUvRQo5Vb1offvhclMGul36RxHcV7TY-70ehhNJX6hQucr0aa9va1X1DHLzqwmApICs4RYLAneoan_5JVzWZjtdLOMA-pjeFbbh8P7erELudgho89JHtSZFBZfVuD1qC4NlT0ib-HL_WHeG74gHZxVGlhFhTT6wI0UmmRDBhqH-rRouJFQwA0NrzS6cAYrqw9iTNHrvZ5R9aTG9QJnnSXo_5yN5vXQYckWmItJIig1ReNgvUdvgeXbC-487JF1SW8ZNrn0fSJb5u0HGVwnHeQibXOe1k5akzJPm4c8bHJwTZWmLu7KNZJ_36cddOwMj8dTXnpPNIh0AhxPlaCEGSDfn7hb32k-Uc_atRH3S2XPDCBPYLf-28Fdnd3l1wukZDZ3SDjl4ofjrhWRM0CnWiCGgmFK2MVgjoov8mdQbYYz1lODQYMpKT2_MfXysVydjSfG9EqdN0qn64XiC5cbCGcfGJU5-HyB9U0Vspkp55i_SUENQf7q65ZDb3k-6KLMkchqJMF8kgQMuJO37xytsFemY8i9gH84xQ6a4FTt6UOzxSqPVUcPOGgUQMubrjIzaX9ZcsEpmXWC3pCkDO05lgjk25dg74_3RUAdOknfcS0fYL7OF_K4_h002f_j9MC6UYbEpakDDfNlBD36GZUYNoKMMtAHXpZ-STB_eDYhOG3HjfC7HQp1whshlptLyvon2QoPJF70WKdMdQHcqyhUq-HIcZbcInh7RM_dcq9IkcJcCvA9QNG9ZsFzhJAeybud8mOVn_R495tfxKZCzeaAg9I2hACickuEnuUJxw3dVeagzi-mV8ibjJCKbMTGJezXb0HKKnDSzcdiYjqn4yyj3Wv0rpYXVXgGMqxgFdE__R7X_0oWVBsJyj6YF0lr7cBILryIwG2eAjh1dthxxjD4WTqw8MSulVu1jTJE4iTYh-ZfSnYr2G_hTh-slBvNqTzXSDm9yNiOXcM8y7fHmRGVPPm-h_pzGwkcMsLQKXQ9EBPd0iYv8LJMkqwfOC4ZMe9oVqYU7kVN5ZszbZ4wRsXNBIkdHGVD_FB0Uidu96lnO82kEq6VgFAqARPimdR33MDFP5FR75-LYPCwbAzj82QGmHyK3QEC2lThvaqJO80w_0HHosoDyuYm0gMsAY2kypPTlNMk9ktl3Z740WsYoRzLURUVnh04d-w0jEI98Rvhxe8vN39pta-AZpY24NwVeMJrKoP2uFvEDqfv84mjGse2-EkPehAgaIH6SnZmi1WTQz5QmFO9_H9UEgTAQa9WxnxO2je3iStS9IBGBncDtTFKT7szCCPzO0O5rqvGlbbMfHoUkzoBFEtIVZQHgKZyPqC7k-K0MhZX5W4P0dY30uYHQ8OZNbFm98AtmOlVmCow33mw0KBlRPYPb5RqN9V3oWSOuiKjxSodw7u0etAd1hpeFBxG6noCSxHqLHdsscYE-sEM_OUbiVrMglguONz3xNt29sdop7NBW5FEeh13ggvtrV-dvrweTyfa1jYzf307XTa2SOXG6hdvkO2OOJpULyPqG5OWIWAyJ4AVjHMQ2DAtac3xID2oqG5GmLaOIV0zzpU_STuIJMMs8xqMIPx8AtT350M7gZDeFaXzQRS3BnYpN9yTrb1vuR1J0SVgwv-clTIoUABLG4LM4wixFCzfYczT4yygC1emt-bxLqTwv3bVMIaMMIvU6q4Q5KCbG2DBqVT9srb2qvAURDYC-t-LGilzJDHc6v6zRpgmqjAemTAGgma7olE6NNXdZuTVaewoe0-VXzlIIcAwXcRlkCWh3kiQtuwXouD9n8G3N3cbnkgKp8luvFFB8DxF7V3aNh2r5_jpAYpF7cZ9Xp3G-thQr4Py0_pwYCKPSa4X5MAbq9XX0RnotdElosrdm2AOVyXPx0cgHfExeZg8VViHN-0ZB4zrRdiuc9vEitXUxKz9ynhAn_IfBUIa5UULrNGHR7enl2-K8ChulQRE8IhEKE9YJH0XuSijAzvHTSE-StIdYW6h3xe6qSsVOLa8-di082sp5OkEtPGD4xJNgEbwRbNdVOZfw9sWloU0khfJkdWQPpSCKWYRSQG9OemzpEb_DyjVMuzZ_D9t9D-vNE7OFArcz82RlIXXF_40sIIKFofMhpp-aNytKEqYX3sOTCXipAMXrSIesGKb5Zhi54tJVU-maTA4BJrX52Ihlhf5SpkB8f91eMNpd4t8IcPFniSdGPN2uNI2O0TyASq1zdmbC5ewx0CcQK-wvuGxV5WYVUqTdYA5YMipwAjW0FIExqZNwNfSqMeu6DsHt3foiL0jrft-ahcD__2LedHepsMGOUkZ_n7cNiTT_G4bE_E7WCQHMqHTbrDwaqJYaiXl_rM-46V52Wh_1qk&cid=CAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=1723389210711828500&adk=3690638928&idt=239&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc3MDUyMAogIHNlcnZlcl9pcDogMTM5Nzk5MzgzCiAgcHJvY2Vzc19pZDogNDUzMTgwNzU1Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 34CC 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc3MDUyMAogIHNlcnZlcl9pcDogMTM5Nzk5MzgzCiAgcHJvY2Vzc19pZDogNDUzMTgwNzU1Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDg5MDM4ODQzMjgwMjkzNTExOTcKZGVidWdfa2V5OiA1ODY0NDcyNzU1ODY1MjM2ODg4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1ODk5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDcwNjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3c7edb9b0b5989490000000000000000","13":"0x8aee6954da046a1a0000000000000000","14":"0x7c31c841f080dc7f0000000000000000","15":"0x7b52d51cd6169c880000000000000000"},"debug_key":"5864472755865236888","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8903884328029351197"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 34CC 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1702121161088117&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6bd9dea55a6fba631c02790548f2b57fe1505c1250847ce76be6ae3fbf8ea04d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4329
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B1F5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsiidY5ZQa5KPrSzcMPvrqtVQS0zlhk-iLKnqIoDC2RAKB-1Ar3Yf9hX1luZ8c_1K7hF0YzeJItvWvcNCYAD0AIDWquKSsZslQbWm3kA6oweM320nIkwQv6xdkn-lGnTmyoqDbSXTAuLHxsnyQTxEJSoTd6lF8bPGxhKRr-Cjzi8jvq78&cry=1&dbm_d=AKAmf-DakNkW9h8Dvwa4r02boWmHletC0HeSriyk5ugWawFW2Dzoqz48N_aOyi4vCUflvPGRCzTrMHPB7Sf6jQ9YNrwiqX3pXsztsehdszAfdjtfpZd8eoxzdzvRdxr0gJ0xhUDg56aPkbH9PtMJZWfle2c43OcnGPOpEseRaq_jfyeLoim_lUtde2x-nHRsrQUsDjtWObCIB7nEZ-lBWSiU9qwk6aOq-W2nrpU3eYLnZKPKP7nkZykUEY-tGOknpfoWPbdnS5t1X_0Dx6by9q6uS6GRTqakjz2A6VZpj7kLej44CvulUgrhSHHaiwXYrbNab91ebEk_2APoDeQ5wY6_KEFcwpisEq5RjAUNHBaj2AXJnqyiVVjssC56SPqjyro9YyprS-BnPRwKsaYlWumV0kZ0eMWrSA7Ot7vXPuazqoihn2jeUDX6zRKdO5LsNxfaHOWJwrrdNujeEpY0HxGeMeVkpp_u6AgM-BN4WQsMFXV4Nihpn7L9znFL4990dH2cCxuzExFQGKHBUiQRc88uimRHk1vi7CBTjCqWzWjk9ord91o6-_DRBDiWtT3GZ09bAuP6vvnbTr__8R-56T4AR9HNGZ_jmlI9ssWImab7pkml60veGkmASXNUnORtLF_-XEPPZEGx3OYA1uuMe6DQobSLPb7dbzl5w_Ut1R5fwdZNBpUQkORSs2wXo5JGZJtfz9N4GwmaRwPrwF38WPblEIuGTBwpV6eo1RGq6G2CFD1WSUqzp3ehTQmmz7H9jmJOZ4ttetH81X7kT1GjjjAGUIVR4VAdAzcUHZ28bVFbY_VqMATvDO8rpTGIGYpfDT51UwbHBrFzEfN04OAndpv-1wLz8n1L4I5JslQRfVCYMQpHWeL2ppfx8rsxb_-vFqwwPS6gPvHeDWzXDZ2UqUx6-tadkf8u9ZJAICHF0cxwgQyCwloFL8sfou6EdT4Qun1SXk3qSBioQKgnNvGAMRqrU9v--nrIoEoxEHM9GcpW3-T4fPjiGG3ib3x08jb_Vgb6KZS8R_zOfwV8aB9DBK1yeMk2P49FWk9Egkotz9qaV76sw8TOzy4i-dVNRjB42hkMpNgaOO7O97t5UgYpCMz7KRlDNf4Ef_4-nDK1_JFwAqT6FnQ8dfhPt_6Wf-bndh2tBMLTNOenFnu35Uh016z8oChUffoKYXUhuYOyqTwTdhczRulAMnx8DNNM6lIL28crOGFtL6kO-Mce8IxMJVYLseDSkek87F9JhmQoqBpVxj3_iqwwE7Sp8Awc3NQWsHXkLH6C3qmKLuSdKB-3mNRg4cgyb9kG48NM-w7sQWv1hdRlMVBs7xWOVfhExspP9Q4N0_PGVFXylNVxa6N8Q2daaKolkmNxjJ8gO4lqIRl5sP0qBymnE6YrjHp9qPPISnknMUbQmJUx2bh6T_EGGgKIL9EoEDjGSBfFR351u7-cT6j4FEIvnXmX5AG28jLtU_24iqMk1JVP_W1IkrgyszdFyZW-HYJ5hXjkzJ9QxWsiy1tEEc4TYhZ8ky4IVynh_tux1PRC34m8nryKy_EmTSc5mr4MwMc8_1MWk4Bb4wVlwxKIdp7x411eFJ5Tx_oNSkJMfh9u3yKT9Xho1yuNNUILW0vS0RJ2QjZuY57gLsxGdb66n-4ioMigOiD_cXjhkLgzT7YTaRk60LiG8RsxF4lpzmugEJ-ewBmOilzHZoFEqQYpFuHOkfNEu8xuFZPcl--MBRBiN9e1FRvPbRBL0vcbwFne6rMF6QY3hz-lxvIgsdimKrs7WUvfD0w7kj11Et7SROAh3Ji3sEmEB7_iZF5TgCegS2C-96ugsNJIZqMUxrOXU6nj_vEElQp1fj5gZ7fsOUgYzynQMkvCUdzh71AR_TJCMmCxngkVes6DG6wQLmCKYATqAjraHVi9ax9lc7br17sdM1l1mNUeTsCgIZ6NVDEA5_iFV7DcDIJVqcs44VGtoowI9bZ7Vmcq2ALahdGh_VCa2FSEOqk_wb6cctPiJjMulzsN6RhqqRdzJCoKRVaPXRGOCmQ6bgClwJbW5TgEyac11sG4vTb1otz9OwgfjoEbdNM7CWbDhd-hO2Q7SK3ydNO1ZHo8qT56I0_ZDBAS2lv1Gj_F5YEERlYyGZ_PeaBDtlUd11NuUXyKX4JAcgbHnLonciRdqf90IYM1h2k54qXvNF5Sw675-y9fAkKFDYW4jTLEGRpiSrnWikiuKFmVbJLaPsi3RsOg7ttqVBfSp-N4GB7ec-BQ5x0ctxtGuOLk2bkKwFiINULRt1fpGcVCIpdt2vdcnCkq-D0JL7OuTte0mdTgVaZjxFOBDXJRta5QrkxdWoLZzNasC2iQwfwgfaEPdIljRGFbeG3xRNtuKEFFflJi_5gOmiYVH3E6A5tepIj7TZ7j1z-x46-USAzew9gCz6TBFdXmsFxl8Jj_I2qw6Ia6K74Y6HyC06R0WAexIMZYwbvbJX2nkQOc-gS6FRLpYRj9uL2Vr3bNbQXiuDLo8AsDGZSeTDpKrCzD4nAzmlXLunYz_6divNthCkDqd3vV_KYyoR82FctI78683Ugyv8moXb9af6uQI0fvaqHlTg-j0nbB2XAKFQ_sRaENNLxZtqTdpTgvxnAUEb3g9Fvw-e06jJmpgBNT2t1x_q-ixKTxv2Ci4EiP6MVPfe8dVkatirzrMqXXindudcB72IYOSrgmfS6G2IzV7aaxzBpU-3Bxot_6AZYo4qg9RdfmyNue_e8ik8HDCrUppbSQp397zvl1vBoSOUtv7S659hwkS1eKh_I6aYclJNaHdQIqCidtp348msn1LWGeUlg0RDDMGPgAeZRnQTUvkj4JBLMBnlcrzSfhhb3UpiwsHUBsrmq7j-3rxkAL2b6DYSjJ68RzgnjvvnfkC0EP5b7hx7onD8KBqCDsreVkO7Oj3ncZksfrCMKLhPrdZO17VTY9laMhNmD7K0HR373Yzv_TI96hdhegFnFHpBklrl_u6JBy8VpTgsmxtAzLBURHTyklVCvl3adC4nfYmrLuaTngxFnkGlBFof63lBinFkm43KE6_Mh9VhO-1XMaWU4cro-HgmpDM6hxXYinGr0VuhjDS1amRs8IHot00gnURxfM-bPu6w1ldyqR29axofaowXZQNzGSYqK8Bad3C_Jzr6zXUwOjPywmEqPGjqa0MoLe5OxcIyfDbtMV8MCsACuZ6LXXoQawKNutJJt1HidsoTYiD9Wg1WX2_y_sUDdUut3k_XslFRYBTzgVukjM6a0Vl-ptptYJnYZaHNALMlhA0xbqVMH6puoHvgugihfXAOHQfy2ua3wUYnOg72u5Ry-eW27ppRfBhYPqaud3tnmmhvnEebyDzfXkYtyxnvO2Nx9E-YpgCTzkcNoFsing8-xmxkGFHitZxD9ZFAIehKLSjDd5-0wizHcrAuJaIRFUuFxvbg-4XSK7ki51QxTF-Pc1jMmqklL_xoiYpaEhl0vJD9foaQ8xGlicAc7DlZ2fiEjz33QVOTLfmO4UuHHUSdTazcfF3XbLnofZpEIe5jqu8y5siQKwHRwavDdquFblrnOUvz2TNc3sQIAJLtSwzXbgjVD2k2ZR_3dKmqhsHXIKmAE1OIhPlrdl4qVca6iBEINRZ0bQDlx8VcxpAlgoNyf9ci8EUnvqEgzhCnKjm6Q1nNiBrj_w3CxzHk1DaI7I8o-KgZx9c3eXJmE1kk9lZWUWvjAQtqwsCGd_mWosNqAkprylgWKnxo9ZGsmqrJJu6j4PSLBh6IVfrIPNl_wABsMmwjKkceNZHHiH2hV3Uh1TybZjwPL9KMxbRex4pHZHk2hFL9yhO_2vrdBC2LW8SRt_LVZ9wlv3AsFFiFK8vFnocJW4tNzhcJ1Xu9BCMLJOB-CZXsKQoIPILQC8b6SrBt7farLDG-anQ9LxAqj8aVxHC7k_OX6TJ1cbyXiLtHva7Idl9kHHesQxRyTwJUxh8ENOrScWmM8UFPZSNjcHv6LKOrAvSXfuYSZnhSxcJBDOKGhBaKQ7M9l8JUKjqZzCanN_qLJqDcxD088mvi4YM1hZdnhHt0guCSEb3307Uqfj6NVAapv1q1Sj-9JqFp5gtVnN_LlorXCyd5c1rdf1eii7G2IQSDAAccvf7Sksw_m_R-2WXOohCeZl7rkY7k-xOP8hW3Mi1wKCTbYaDlwVp7PefJvH-3n2CeMWwPqVTO717G9NtI2_iulHAhtvgSKx_XjY_mSxjh-kvfBe0jXvJbgT1btysLyI2APMWQ&cid=CAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=15322009557847505000&adk=2004672171&idt=192&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc4OTE4MAogIHNlcnZlcl9pcDogMTI2MDY4NjI5CiAgcHJvY2Vzc19pZDogMTk5NzA1MzY2NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B1F5 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTc4OTE4MAogIHNlcnZlcl9pcDogMTI2MDY4NjI5CiAgcHJvY2Vzc19pZDogMTk5NzA1MzY2NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODEzMjczOTA1ODc0NDE0NzkyNgpkZWJ1Z19rZXk6IDExMzAyMjc3MzcyNzY2NzM3NTg1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1ODk5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDcwNjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3c7edb9b0b5989490000000000000000","13":"0x8aee6954da046a1a0000000000000000","14":"0x7c31c841f080dc7f0000000000000000","15":"0x7b52d51cd6169c880000000000000000"},"debug_key":"11302277372766737585","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"18132739058744147926"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame B1F5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1702121161081252&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c07acb5e3697e5c8adff265f7063cc2eae97a0e7ab0355d8f8b96e53acf24d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4345
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 843A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AC8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=599679828418&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AC8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=599679828418&version=m202309260101&ct=119&x=1&cor=9778367006126514000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7AC8 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxywNu3BPjoF7w3gxwcpEp8QEHRPDFVIG-h_yC4eag14fMiz6O56VjmZsyj_-lAI1TEAhYIIHUoFJLNVFll6QTpnJQzdqb72WU9MNn4nTBJ56CwsmloyHfXXlreizqfJ4vELhMIqzXkLT63-S9Bnpc3CIhK0o5a7eA_UalYVAjYmjvRcnNNDZ0JPy9Ksug5v6nr-U&cry=1&dbm_d=AKAmf-C_va4aeorUOiS1DmsEgNEz-B1u4KZrz4waoGrpJYX_vTg9IP9CEpIgn4MIQhEQN1yVlqCxerWiDGDNoKs8rFJD5gkbsNlwu67uCpGm8sI5ROL8N6LOzHZrG5R7UHlZsG-PgyHHrAzhr3RW7A_ahlvAYqZPash8nTS_aSN5wVWioamVAfiU0Ss_LSngWE3n49O_3FxNZ_f-GYjEUt0yBTZw13U74o79g9QbcE2xy0sE47KvwvWn3q3yDsO9ztwsx1pKhXmT7jbYLN0RZO-Rw9Hs0ugBNirLauK0qQk_3axs0j478FzowyTaIH6FQv8it8Mtysg3VCdEhiHLzxPy5PVgnWZQGFRUD0XHq017exYgrF0ZDq2UCYObATML1PKD89UHFDkOzRq8kFyJ8MI3tWKnJgQtQepcxqK267KGV_UUY2ApFL0LyNAQdSsGjh3A8lKr8KbxyTqqYREmpgl7UBGqKvhXwqN5fro55uVYCfOc_66VYgUTLT3ghZcvNfg3-B2TpDZWv9QOD8a9ztzFvBVgUY0e3kwuTzVEy7ooVHqnzyGs-hZ7PQObPNnXXsgbYalPQOL8FEf943a31OyAyFe9yXQH7zwDEhOzZfXAJ8xmEF8AFCZu5NMN0YCKwT213f0VEOkFZk-VZxWIwA9fMkeyUWbT1ezOVMFN0XU7NXjeHJ3t2vAEUXbybQmA_cyV8RCDTUkEVFeCDJclKjB_NfHtPmcKtjlP3EUKSg_mFnfVwzK4B1b5VN-Ur0-dX0rWsWsqG1YSlit6vFXHEWUIJyc2siCAhvAdY88rUwG_cu3MrTFSv8rWL9yu2UJ96BK6Ozpm86_4g_08HwkP0Z6LOt8qwROkoFnEQi1YV1LHttnK5QKuxwaXcfPLnGZLCw7OSRGzRWQPJNEle1SZf2RHNFkwCRoYCRe8Z8gEQy4fXoxfcMCvarIqSFCwF3bw20RIMw6g27N80HfnwTGmBhV7PSeuSe0WUW-t0j4Oi3ZpquT7fIhsy5ev5oYv056SXOsalYg53CwQDrO0r_URXgcExbemrlbQTeHSVWRCHEBlFhY3UsL_zzsOwL-ymyPvCXJOqUsA6PnLV2T0oB5keyH31qjS7piP_HFIhz6KG_PdQXWJ5ap-D2IaOi0gX33humLc8Zwj3o_tKlT-8pbPfxn1THU-0cCLLNJqCBwQLoYzHXBhuD8tdq3g-HgwEtmlM84VgRFXLVkhQKVvdhE28Lc4EadvH0OrCbjDwT1A0vQ9DYVf5d0lud8ig1PhGIv3_9myrji4DIRS2HJnPKsGma8-SPb0uX6uhRvOTdtVuE8UKgH6coxW5I7ZVVWV7vO4Jn2R82oOpD0IwrOKVvhBHYYwpStHK7CuCb3e0OHjwP9ogRYsH5I-hwmMhYmawQizFMUrhBAnVpFVuD5LjS-IEMetL7XjoYME2BbaESgXOr6T2J1rCCSvCExTd7HqcAPFf9btfb-zm91h6HP21lCA_gOYoCkO7vrWs78HnvVCpvIMmZ39inV3s1j8Aw8rVY0DsgMfBY9FlPsbVhhDDHxMuyURDewUWLD46E9lyKgoP2BMmxpEnytHx_XI6K_hahOfLjo-6xleFs4ZvNfRoj30WU89eropXaftbqqAM9oyvYAQLJjPMq0NGHmug2qwtVHEIjiIMC_uDT5J0Jphfw5GKnO6iRg7ShSp706qS-SV-V-1nGxy4rffVBnhYrsXk6N-Q3FImZpRxL89mCzLhUK1Z_e03erZJUGDp3COyGHyJAh6oNQRAjHwTg46yggizvAUt2q1BLgtbII6qFcuR0XrVe3CyakBDymQVCmmQDIj3tUwtBjdeETIhKZpYr79WYIuroSy2X9Q25sjPBApNMXudhxLYJBTAuNkdtLRRSyOvezxMtbZhaijSiX6J1sviIsZPdjGPoEHbn1poYtdEzANS_6vi-U7uxJk9eqrgTgiCQ6ee5gctODdehTSFkP8wMP0LZI5gWH0jsqd_bs3fMJdbthED6dUKFc6-XuHvVU0rk_tx0AlITL2EJMUOmpTP8wrLyspUMutk_F5kalpJsKyVAWOOPiMB_88NpbKFA3EDuWVHAaB-H5XkrBLpJ1fAHKiyWKNocYGaOEoW6wFEPfAM4YdV9yCamv1hiaZThyCHgsncsjSvjKerH_32nwwthUO5PV5_ZWTUa4uOPfsjDFZ8z67_75waFNlt4BPoK-z3LtBd-agS2yQ93NIDuYqG1FvvrRZQc_nEYXaBySrT_HEwgFJoXpNtlkJa_3aXVMr2ygF0ybNUGazVR20nN5PBVQShK7NVZczOPL7li_h8lxchgeg1tWsfty9Xwwb6XeqWKuE2CnAZ49kY6bN31vNdfrgoA78619m7gfO4a-qs526QtNc2KSJXqlZ2iKYq6v_Jdu7J48A4HUFG1ESaOlGXpNhXrTizaOhl0djNbf8nUgB8kIovDRJNyFRtAiiwge9a6qNhkoIWtgmWfO49vUmQ220kN9Uee_AvRFm_uONbFOi208yMfTDvWFRDT6s1tOJKXfbuJ7PcaXA9cLX7ZerRV-oFtrF0R-DGPOdcYW_wzyiQ5GFbzMnWr5idDrBzxmfFDD-1UCXpqfajnO_5w08kGrJAjD_SOkjILA8f21E45vZJLuKpkt7VRTgQBYH7AWhCWugZqNW_xnpRT2aDtyS1n3LR7TsYIds7tY7arbSgNvnpj2zTQ4DV6pKprqoy652czQ9taFFdCw5Am14z2o8-AmvNFrRpD0GH8Xpx6gK5lB5YG8wzRaerKSGe5UEeTSuQ_l05SX_aUQRcNpawhY_5fWVMv2O60TxmfQWxBOO-oabQupbVl0wyvQzEffPSFRRhkrxdCNbvE8JguGNHFB6MJB3wKWvCKSYZPe6pyAkQSlr9zJlf0ibuAQHZj8DEb1sRkVVyXSIc_smt7n5BhyKOPrFa9Rcbf8ggDnrDNQ1J_FRvfl2AVWsuMVVb2IMtvVwR_G3HrGh-7aY0Io-t3H9RRpxREd1FI5jMh1L5mq0BJT9ThX76G704ha9EUamHHIX9XbdBiAST9IkkktHPIpLsKrcN9IJDgUsVZn7K9g8nEFr2HrAHI3-iFALvq10OghUfQ48ZkRKOLERAD1nBye0DOXWZ5QbWr2Psow1RISNhTKTloZdCiXThYe1KGmXRMbYyAYTOjW4iUVqmHmEyUi3T6WLvLtzgUkE-ohuzK3IGcnjfYoIfKY7jlb_W4sPRHjGRJbqI9dxmzFKDXp7jPx_HsVrljqTN-GBWefztiHYjnvhTk5QC3pK1Xkt_vSgS5laWHRYVRGyfP87YPuXH-NKgYIQOLyB11YE1A5sbnO-7swEZgOXuHVB8_7t7IAkt37e60nicWLIRWl6bN_Ist4Jezjs21Q3F4r-Kv40RnlCnHMphjbLcAo5JeQn4nZzWiqJGWgjf_0fQSixsJ0ly81FLN2IE4-vBaEmSko3cKVFJjtZaEU8YHTd2HU0mISg37YJVGOfq3NzTyQKQONaUls5JMcvAdNNUooK1RYuKqtfjJjBDbXgrxpsp3GnitndkWfji71WW1OV7Z2XiB5te4w64TJMJVKRQ9pXg6QepGuEqgMWPDD9dRaJgeqb0AnRVgUjFNKpkTsXH7iGZs2LWsqX_oE5lG5IOfR6K9Tb_BrmsWcnXgsuo-mUjRTcYY0Hb2XJSBD25EWNtoHI74BBfTF-Oi08SRRSL_fZFwO9jYCdyfdLdgCTZbSQvNpaPC-ZMcpMu9tGnjgM73XhvHaEztg6FbN8yIosHqjSR4HQcwOe5ygbl5QAw9hCWLs0TG_RFuP0d2GTzpuLPVa0rmgvOBQBZ-S9Hy2-d_5SNfQUZL8n4mZmCjtC1ybhv8U67R6Fz6g_qhmFNhZgFbgzWIjorKBjw8P8Y-IVID06yeup41TTrHGMmq3CDaKDKJerlReq1wXXCqSDSeGiGSB-L8NMk-YZ6dc8vXT9PNDs7y0xLt5Iq_5NgvswBK_8T1wAAQiQ5FsAERPQLdn_wxTmwd6-8hKIzXlPQMB8fP4hC9YPqZmGubQBGl0xfKZbKaS1kDtqrVoJnh_GRG8zZoDB1fMXEzp02HhQP6GpPdh7cKI1PKIzGDmyYqX9qsvKtI4NCeXe2PTWMGFgnrqHupMT4caFyMeiEQiW2dOS5mirPVvDhyndeu1bArygSZmFBTstEZjnjURsVZzBKtiT42U2JKtYMd7mFr9P-uZOUUoSZN-9_t8y4hYt2W1D3Z7ROpa4waiSrHMCslzxgTsOEcY2MAqCntLeEXrgqJbOMdB4mb8N&cid=CAQSPADICaaNBor748e10TRKBSvZo0r_DwE15zSgl23dkx5z3CYCpScb1EDbNQLCrT5DJDfzgIGdFQUKlp3cdRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=9778367006126514000&adk=2013371550&idt=123&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70e804717bd73d9ae92aca06f4da252723749779682ccc19de3f1319cda73649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38856
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F4D5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzuxeFbl82_rhyRkj3tHh5UdPzkx-dAwDoKG46vK6vFMB5XGqXjNVLUhW7sD5kNU0OAddGQPrP3ewNi4JKnTJB7Pp8s0llhAuhMq3JDRtHf0sfFScRr2KnX67-T7D8LRwMaQU6lH2z-nihytj0ZWME3_7IoKFooWd-Oo4rcIwtL7HKDVw&cry=1&dbm_d=AKAmf-DEKicUXC9OdqeoZGMvACGCoyvHWYMtTkjT_sHCYovSkocVxSx-5HLddFb6B7D-9BcJ6JSSP5daHntfiMkBpWIVWtN3IwaFtCxAfDBx485gI8cBGLjqFDUDXgb7pVvSuirjD1wrs8InT2AtK2fASxDJi4kB7bUPdKyV185pfPy0BZOQaMBy4oPdX39t53LVZ58016ZjMpg2hnW4MtopRDhm5tLdoI-n0mnpYXVC65As0gNyC4SxDrczbx97WV2V0_jAaiKyJgfar-iLTtWdmauT57y4-jEs3yLAehUnjN1X8ftBVQ1ACx7Ow7qrK9bAhKAGPYBX9OYVGvvi1ZKTmzsZrokC94-JbkCg3zFKlUKkkJM6tdkT5t2ny8PgTTAbsHZzNX7y5avciFDbMUPjRg8Ouy2en6eqUUAkoDW_tLcZxxHp_dG_ZZ63eBIxF-HCzT-hXyjW4UsuK50Vb-dWMjwXINkxSHpcFmDpP1tvb-t85jI3Mjj_b5XlATwUHax0-903oe4NjZsbm8kkeycpgX26sZTDg4BLaRsY0FicEO5sOXzVghlGLdtbjcPv1TiMV7dVO_sD9ONEWIn5-CTi-xvNa_35CxHCy7Qypk_L17_zN92XGjU3g5UEYEYoM-crl9kb2veJMA6luFMvI6z3IMWRFxq-mYot7PuMBQaOIqbav6CxUxT1mcUo5Qhu1-c8E4EHyIeIKCo2uUFAmS-byw4x0wkNovYL_c5ElT4aPcoejxkGKvzHoNVeXoVPhH0YU-L7e_ZIF7V8PP1wuDcLGwxjj5TJht_Yj92_nmTvZUdWNYVD1pTj4qGoPCSVgvVX_PFGwaRng9uSMKL6L-fUzD-78-yA3Oq9dmw1SfJRHzF_RSIVcD8rodx4f55abc4H9_7JdXUJHz-ybMQJipj-gZmcVGEbiIlsdUhbBmdvjXpzoJ7HVL9DL1RBr8GaM6dLuC9dK2Fg6SNRj0f4PYULnFlptti8sczhWwlbA_iICr8eAWR5PoUspGlNk_coNr-0hVnfOigVI9ucqOPDRseVq61UfDysdO7XVR9DnaT9S7osfiHJfPdzbc9-EkOEr52X7GS6h4UB7sP1lEMf6U5XAyfy-npu4sqKtlorUWjxVvPdO9CzyQr3HECdjkj5GZqYGcrIIQ_QETzEe5XO1z35QgA0VkfAp3Pf725LFFBiL3XHwS3fy6qIUw577PPuPhE_xlsEOtJr313tr0CLuMh4zcF7fgdlvjX-fDUViBoivWoSXbA1wHluNqPURoWGUregoHqy0Fbcwg8lP3qp1md_81NG-M3pA_WpZawdnlgEPTNueibfMrjr7d-xVgtx2V7_FJGpoVTsERCWIdKfDcp1DNjrklEEv5NFNnjEmHVz57WJcU6Lp3MWyolOtU3FwgAkoqwPhHWvb6UY3SG30gigSZ5nXb9Jv9DLfhTWoUf-jPIMKT41ecIZnEcTBdUyuUUN1KZmRE1s51PUuMmFoQb6yibz4uYMfvmWSP73sUFhzeiIPbFvcoUHSd26XA31kzLRQQLaRNoY0oiHAI3tljZ-bjHjaECGwScbC0MyL8D4EdYsPZWHGQJiWumt7Bd1WdSc_BMktKMWsSCVwjf69Bi0EmrPWdWChDWDce58Hjw3s6fx-uERcNb9NrfZj8bKAL5fe7aR0q5bo6dHw2bHSpOixE3pamf8PdCr5iAudUoCF73sb8O1JUI6sU20H28lWkrkuUDuclhhStaktGFpmnT9bl16I6P9vbliuY5c4l9iPIS0GyefzWVQAzkVCBkv7Ux3HBdU-BpJ8SPjHfmknIGzTvAI9QZwQMZANRvkWxwhSJLe9B3FeTKtTV0VTq7x3MuPy82cnwtmjkmIF9Re9C-7gIQdRmyxlwXNA77pXvDrkto5ZBalzRS1G2WTXQHMB-RCNAC7yKXsHsKCoBuiHe-XVEFHeHaFYXiiud_8zvRAivfhXBeVyZUjtnGfDl-ftNzpdkT9Sp3352H_kjSCuL0WE7apIB4IKXajgRFcabIFMGNjLP4Km4v4L2xGcgTIL5c-br_SlLhXTUD7rlDOv5NaOlbyRh96yT3ZAjdxZImkGa_CeUS306q9qUP-3LxuarC4XqS625yQWFRtkLKszI3L2L6n2xYu_LAUEUeZkMJNIZPTZjzxGUgfSJxXjkZ28g4kd2nOMNLcbuTq1XvIqj7VOd5Ph6v3PzXOUKRRsIw2XetwQfTV7rIvRPdv7JmFKicqhFDk3oO2fI9SjPzVssEdNAcmK2HsPWdkOQD7OHz4C-FQq4d13wthh4jt3D7IoK9_dxWIuFTs-SDYXQCEJXINT3GTVhQOCuXBMZkBFvWitQ6eOBZhXtxtqGrPfOec9lIhw1FO2I8dCFFBICGOvMfvIu4Kn3GH0LWP5c_o5OXm9HFC_hYRd_zaBZ5P4754D3h3P2zNXt_vwu_az7xtOTPlWg4BKrXAiDcGSRi-zjIvIngNoA6-t-hj-kO1huApkcfbqMAk1weudNScswD72am1wlSsj6tVIShwOuFhyeoaklbatSTjy2YteRwj2W1tZ9eTO_VfD8lls8Dpr-huqqKvfGTP4FF7JUL9AuqZLMi_PSw3bdP_iYr0tUagJPmuJ68onZfS5UJwgi8jZgdDevpUKabT_heCgXZIHux4sJ6ILHSt1b4caCzW4W69wa41VmzfU4NbpIsIBmWw1_50-DFDoG6BW1WztfdenGrVoK9mHeRJEBhKYRZgLzNrGcZs8IJ4fSV5J50RsWMp-BhDgyQdbPhSfQnXdSuAwCurLYR4od7uupt-pcJf66-clNo1lmvwA_W5c2zxIlPXKoeZu3PzSHo4oChPgN336PIEpOlvXXbCr44C1vJI8Zjzj3mhC03TCCU9wJDOvROwOikaMX0gnRpqIgk8YXHaqtZm5PIClsm02pFeIciMR9lGA2mO84GXlyACxFM5hqTtd-jXZv3vMVGD6CwMWLeYCmQG-8GQGPSNPQn0WtC0Cu9oZe87gsQhDtCHJ4NZxwmPcnOZV2GbkJ7Lro93wR6fIuqN-JqXzPRdL2gUHS8Lh0TcTgOFtUjDNpbDMKNDhCwRqUtRj4w81SdxMTlMF3jZ3P67nbyv7siFOOGvZggxC5VrjENbC6yWM8Oor6WXMLAkrGYELe3QBgWeLgRHEqFRkIZIY_nI9WK292CBJSHsEZ4cZAQSUa-WCmMTKK8S_wvWQuUgX5PgfhkiMqAkTpxrX3zayQYgLTePihhO30PAWC7CdP9d2Y349h73t4PwTzwVxAXGBbGtL6_npvB0z17D1yqWsVikbBpacYHV8KcK7YSK3mp6gEEubF2eAsvp7c5I9mY3vGmPF0aW8h87Nh1UlOjtcESKZIXG0yLp0otvjE7CJWUvIgv8Jko-yq9YztCv4sKSnF8ht0Rvraa2WLS79Rb1GpNNDS5eZfJC19JHoR590mN7ZrJ9D0W1o4awC1YcGDC6_JqJbn4hd2v-fFm7jKghFS4LGFes59tG_HTUpdmuvmdRn2xz1tqk1awPQsKQSBFnHXGJVJvtJS8CjkY3NxfpAKADCLreJv61YmulZpzQWsSxk5zIDtZYK4jvMAcs7LYpRjxqjyt1QNusrnghjz2b6V9gz2qxptoWlutF5DrxS9NzlIQHCJ9DziHNBUNqKcAM3u8VkljkeuWrbqkcNkRFVEtTbjlYEuPk2xxrxhEY0L045PhUUf0k-FdlxxrecX04yfq_sJg9EQ84czEH5800wCaZp_cV8cCALl5dcMKnKbWHw8GUIQpW526QTa3PLhBzkc39WcjEeHEix0fJ3_RzNoqL3WGexark82co5Ev08AqlrNHMHKofRsnmLGfeUjRXDkvLujzaeRECiyxSkWi0Lna3EcbogpdC1mFgIuPoaJu-pYSSm7FFOk8ea983aq_J8KBlkXcl3m5OouKwpvAs0o5oe_rIOPKc_9dsR0PsOWiJRNb1A52nvBnltSWOwdCZjhRisDTvIoDeB1gvpiy_I7uApJ-LWzv13vQD1vEMKcJExXbmX0Wl-0zgR8UXExoqvJm74bCUL6YIcmJf0TBV1vfqAA8HsPy4rFMAlp6ctNFXqeovivglU_6EkvQ4D3WiYXqX2qkeFF_7k7fzUHc3-i4t0FLh0JOVQDWbt4wLslR8EJ0gh3znQSRc&cid=CAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=6124800881718185000&adk=1033480540&idt=298&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTgxMDE4MwogIHNlcnZlcl9pcDogMTI2MDY0NDk3CiAgcHJvY2Vzc19pZDogMTk4MDQ1NzcxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F4D5 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjEyMTE2MTgxMDE4MwogIHNlcnZlcl9pcDogMTI2MDY0NDk3CiAgcHJvY2Vzc19pZDogMTk4MDQ1NzcxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MTAwMDgwNTQ5MzkzOTA5NTk5CmRlYnVnX2tleTogNDg5MjM4MjY0MTMyOTAxMDczMQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA4NjM4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3c7edb9b0b5989490000000000000000","13":"0x8aee6954da046a1a0000000000000000","14":"0x7c31c841f080dc7f0000000000000000","15":"0x2734d125194e8a200000000000000000"},"debug_key":"4892382641329010731","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8100080549393909599"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g72h7lz2c4az
hal9000.redintelligence.net/zone/ Frame F4D5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1702121161121099&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0701e9f05edf152bab068b3eb3281be764e22211ca0b00e03db395e7a950ad31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:01 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4323
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7c00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Sat, 09 Dec 2023 07:45:28 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
29657
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
tHgiRupvQaEY5SVLNSKdd7IaWAU0zxzEXtJ7J3HTkSTh6sz35gtGLw==
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=27117e9f-8126-409d-abb6-a51486fe4a9a&pageId=66207&pid=71132&debug_metadata=BN1i9KuIEy&fv=1298&ts=1702121161960&f=1&referer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=27117e9f-8126-409d-abb6-a51486fe4a9a&pageId=66207&pid=71132&slot=polymorph&fv=1298&ts=1702121161964&f=1&referer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CF15 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad
a.teads.tv/page/66207/ 		481 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/66207/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&auctid=27117e9f-8126-409d-abb6-a51486fe4a9a&autoplay=true&formatVersion=1298&env=js-web&netBw=9.1&ttfb=2020
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e93221c25958e1acf1d854f31b720dbf48a849faab21619c41758c69c6d529d

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
333
expires
Sat, 09 Dec 2023 11:26:02 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 474A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900029.redintelligence.net/ Frame F8E6
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e6ff1581d0d09f9605566be29af101bf573cbae0eec4a9563140ee8d1becd1dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
66467800047400504444990012533029
Connection
close
Content-Length
1388
Expires
Sat, 09 Dec 2023 11:26:02 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 09 Dec 2023 11:26:02 +0100
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 843A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1429 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 09 Dec 2023 11:41:02 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:52:33 GMT
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
34410
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
OuxEDNP-oSQ__CID91zBTGCjCyczMydLyyr7KcLrid51sYdVdOQGUQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ref=&_it=amazon&partner_id=632
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CC8G5F16RM7B26
age
6731
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
832ce40f38dc9277-FRA
x-amz-id-2
HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
V2D9XB0XB3MM1KEZ
age
390
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
832ce40ea9892c1a-FRA
x-amz-id-2
QTZuy3bTvATH36yOIaPePZ5jKiWZkjKFZoTe9u6nYiUx98/jHeBML4suwUbj8Uf1dzWdMS/LrVM=
request.php
hal900019.redintelligence.net/ Frame 34CC
Redirect Chain
  • https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
1456bdd3d37d926030482e7920278f4b4ca1b9f8c2f5fed6799d2fc7f0203ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
87316300050411004444554012533019
Connection
close
Content-Length
1327
Expires
Sat, 09 Dec 2023 11:26:02 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 09 Dec 2023 11:26:02 +0100
request.php
hal900010.redintelligence.net/ Frame B1F5
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
75f1f833dfea6edbfd268f196ad40df5563b22346164d520b92afb04a0aa2819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
29814200043772704444554012533010
Connection
close
Content-Length
1325
Expires
Sat, 09 Dec 2023 11:26:02 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 09 Dec 2023 11:26:02 +0100
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7AC8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 7AC8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxywNu3BPjoF7w3gxwcpEp8QEHRPDFVIG-h_yC4eag14fMiz6O56VjmZsyj_-lAI1TEAhYIIHUoFJLNVFll6QTpnJQzdqb72WU9MNn4nTBJ56CwsmloyHfXXlreizqfJ4vELhMIqzXkLT63-S9Bnpc3CIhK0o5a7eA_UalYVAjYmjvRcnNNDZ0JPy9Ksug5v6nr-U&cry=1&dbm_d=AKAmf-C_va4aeorUOiS1DmsEgNEz-B1u4KZrz4waoGrpJYX_vTg9IP9CEpIgn4MIQhEQN1yVlqCxerWiDGDNoKs8rFJD5gkbsNlwu67uCpGm8sI5ROL8N6LOzHZrG5R7UHlZsG-PgyHHrAzhr3RW7A_ahlvAYqZPash8nTS_aSN5wVWioamVAfiU0Ss_LSngWE3n49O_3FxNZ_f-GYjEUt0yBTZw13U74o79g9QbcE2xy0sE47KvwvWn3q3yDsO9ztwsx1pKhXmT7jbYLN0RZO-Rw9Hs0ugBNirLauK0qQk_3axs0j478FzowyTaIH6FQv8it8Mtysg3VCdEhiHLzxPy5PVgnWZQGFRUD0XHq017exYgrF0ZDq2UCYObATML1PKD89UHFDkOzRq8kFyJ8MI3tWKnJgQtQepcxqK267KGV_UUY2ApFL0LyNAQdSsGjh3A8lKr8KbxyTqqYREmpgl7UBGqKvhXwqN5fro55uVYCfOc_66VYgUTLT3ghZcvNfg3-B2TpDZWv9QOD8a9ztzFvBVgUY0e3kwuTzVEy7ooVHqnzyGs-hZ7PQObPNnXXsgbYalPQOL8FEf943a31OyAyFe9yXQH7zwDEhOzZfXAJ8xmEF8AFCZu5NMN0YCKwT213f0VEOkFZk-VZxWIwA9fMkeyUWbT1ezOVMFN0XU7NXjeHJ3t2vAEUXbybQmA_cyV8RCDTUkEVFeCDJclKjB_NfHtPmcKtjlP3EUKSg_mFnfVwzK4B1b5VN-Ur0-dX0rWsWsqG1YSlit6vFXHEWUIJyc2siCAhvAdY88rUwG_cu3MrTFSv8rWL9yu2UJ96BK6Ozpm86_4g_08HwkP0Z6LOt8qwROkoFnEQi1YV1LHttnK5QKuxwaXcfPLnGZLCw7OSRGzRWQPJNEle1SZf2RHNFkwCRoYCRe8Z8gEQy4fXoxfcMCvarIqSFCwF3bw20RIMw6g27N80HfnwTGmBhV7PSeuSe0WUW-t0j4Oi3ZpquT7fIhsy5ev5oYv056SXOsalYg53CwQDrO0r_URXgcExbemrlbQTeHSVWRCHEBlFhY3UsL_zzsOwL-ymyPvCXJOqUsA6PnLV2T0oB5keyH31qjS7piP_HFIhz6KG_PdQXWJ5ap-D2IaOi0gX33humLc8Zwj3o_tKlT-8pbPfxn1THU-0cCLLNJqCBwQLoYzHXBhuD8tdq3g-HgwEtmlM84VgRFXLVkhQKVvdhE28Lc4EadvH0OrCbjDwT1A0vQ9DYVf5d0lud8ig1PhGIv3_9myrji4DIRS2HJnPKsGma8-SPb0uX6uhRvOTdtVuE8UKgH6coxW5I7ZVVWV7vO4Jn2R82oOpD0IwrOKVvhBHYYwpStHK7CuCb3e0OHjwP9ogRYsH5I-hwmMhYmawQizFMUrhBAnVpFVuD5LjS-IEMetL7XjoYME2BbaESgXOr6T2J1rCCSvCExTd7HqcAPFf9btfb-zm91h6HP21lCA_gOYoCkO7vrWs78HnvVCpvIMmZ39inV3s1j8Aw8rVY0DsgMfBY9FlPsbVhhDDHxMuyURDewUWLD46E9lyKgoP2BMmxpEnytHx_XI6K_hahOfLjo-6xleFs4ZvNfRoj30WU89eropXaftbqqAM9oyvYAQLJjPMq0NGHmug2qwtVHEIjiIMC_uDT5J0Jphfw5GKnO6iRg7ShSp706qS-SV-V-1nGxy4rffVBnhYrsXk6N-Q3FImZpRxL89mCzLhUK1Z_e03erZJUGDp3COyGHyJAh6oNQRAjHwTg46yggizvAUt2q1BLgtbII6qFcuR0XrVe3CyakBDymQVCmmQDIj3tUwtBjdeETIhKZpYr79WYIuroSy2X9Q25sjPBApNMXudhxLYJBTAuNkdtLRRSyOvezxMtbZhaijSiX6J1sviIsZPdjGPoEHbn1poYtdEzANS_6vi-U7uxJk9eqrgTgiCQ6ee5gctODdehTSFkP8wMP0LZI5gWH0jsqd_bs3fMJdbthED6dUKFc6-XuHvVU0rk_tx0AlITL2EJMUOmpTP8wrLyspUMutk_F5kalpJsKyVAWOOPiMB_88NpbKFA3EDuWVHAaB-H5XkrBLpJ1fAHKiyWKNocYGaOEoW6wFEPfAM4YdV9yCamv1hiaZThyCHgsncsjSvjKerH_32nwwthUO5PV5_ZWTUa4uOPfsjDFZ8z67_75waFNlt4BPoK-z3LtBd-agS2yQ93NIDuYqG1FvvrRZQc_nEYXaBySrT_HEwgFJoXpNtlkJa_3aXVMr2ygF0ybNUGazVR20nN5PBVQShK7NVZczOPL7li_h8lxchgeg1tWsfty9Xwwb6XeqWKuE2CnAZ49kY6bN31vNdfrgoA78619m7gfO4a-qs526QtNc2KSJXqlZ2iKYq6v_Jdu7J48A4HUFG1ESaOlGXpNhXrTizaOhl0djNbf8nUgB8kIovDRJNyFRtAiiwge9a6qNhkoIWtgmWfO49vUmQ220kN9Uee_AvRFm_uONbFOi208yMfTDvWFRDT6s1tOJKXfbuJ7PcaXA9cLX7ZerRV-oFtrF0R-DGPOdcYW_wzyiQ5GFbzMnWr5idDrBzxmfFDD-1UCXpqfajnO_5w08kGrJAjD_SOkjILA8f21E45vZJLuKpkt7VRTgQBYH7AWhCWugZqNW_xnpRT2aDtyS1n3LR7TsYIds7tY7arbSgNvnpj2zTQ4DV6pKprqoy652czQ9taFFdCw5Am14z2o8-AmvNFrRpD0GH8Xpx6gK5lB5YG8wzRaerKSGe5UEeTSuQ_l05SX_aUQRcNpawhY_5fWVMv2O60TxmfQWxBOO-oabQupbVl0wyvQzEffPSFRRhkrxdCNbvE8JguGNHFB6MJB3wKWvCKSYZPe6pyAkQSlr9zJlf0ibuAQHZj8DEb1sRkVVyXSIc_smt7n5BhyKOPrFa9Rcbf8ggDnrDNQ1J_FRvfl2AVWsuMVVb2IMtvVwR_G3HrGh-7aY0Io-t3H9RRpxREd1FI5jMh1L5mq0BJT9ThX76G704ha9EUamHHIX9XbdBiAST9IkkktHPIpLsKrcN9IJDgUsVZn7K9g8nEFr2HrAHI3-iFALvq10OghUfQ48ZkRKOLERAD1nBye0DOXWZ5QbWr2Psow1RISNhTKTloZdCiXThYe1KGmXRMbYyAYTOjW4iUVqmHmEyUi3T6WLvLtzgUkE-ohuzK3IGcnjfYoIfKY7jlb_W4sPRHjGRJbqI9dxmzFKDXp7jPx_HsVrljqTN-GBWefztiHYjnvhTk5QC3pK1Xkt_vSgS5laWHRYVRGyfP87YPuXH-NKgYIQOLyB11YE1A5sbnO-7swEZgOXuHVB8_7t7IAkt37e60nicWLIRWl6bN_Ist4Jezjs21Q3F4r-Kv40RnlCnHMphjbLcAo5JeQn4nZzWiqJGWgjf_0fQSixsJ0ly81FLN2IE4-vBaEmSko3cKVFJjtZaEU8YHTd2HU0mISg37YJVGOfq3NzTyQKQONaUls5JMcvAdNNUooK1RYuKqtfjJjBDbXgrxpsp3GnitndkWfji71WW1OV7Z2XiB5te4w64TJMJVKRQ9pXg6QepGuEqgMWPDD9dRaJgeqb0AnRVgUjFNKpkTsXH7iGZs2LWsqX_oE5lG5IOfR6K9Tb_BrmsWcnXgsuo-mUjRTcYY0Hb2XJSBD25EWNtoHI74BBfTF-Oi08SRRSL_fZFwO9jYCdyfdLdgCTZbSQvNpaPC-ZMcpMu9tGnjgM73XhvHaEztg6FbN8yIosHqjSR4HQcwOe5ygbl5QAw9hCWLs0TG_RFuP0d2GTzpuLPVa0rmgvOBQBZ-S9Hy2-d_5SNfQUZL8n4mZmCjtC1ybhv8U67R6Fz6g_qhmFNhZgFbgzWIjorKBjw8P8Y-IVID06yeup41TTrHGMmq3CDaKDKJerlReq1wXXCqSDSeGiGSB-L8NMk-YZ6dc8vXT9PNDs7y0xLt5Iq_5NgvswBK_8T1wAAQiQ5FsAERPQLdn_wxTmwd6-8hKIzXlPQMB8fP4hC9YPqZmGubQBGl0xfKZbKaS1kDtqrVoJnh_GRG8zZoDB1fMXEzp02HhQP6GpPdh7cKI1PKIzGDmyYqX9qsvKtI4NCeXe2PTWMGFgnrqHupMT4caFyMeiEQiW2dOS5mirPVvDhyndeu1bArygSZmFBTstEZjnjURsVZzBKtiT42U2JKtYMd7mFr9P-uZOUUoSZN-9_t8y4hYt2W1D3Z7ROpa4waiSrHMCslzxgTsOEcY2MAqCntLeEXrgqJbOMdB4mb8N&cid=CAQSPADICaaNBor748e10TRKBSvZo0r_DwE15zSgl23dkx5z3CYCpScb1EDbNQLCrT5DJDfzgIGdFQUKlp3cdRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=9778367006126514000&adk=2013371550&idt=123&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
58769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:06:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7AC8 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxywNu3BPjoF7w3gxwcpEp8QEHRPDFVIG-h_yC4eag14fMiz6O56VjmZsyj_-lAI1TEAhYIIHUoFJLNVFll6QTpnJQzdqb72WU9MNn4nTBJ56CwsmloyHfXXlreizqfJ4vELhMIqzXkLT63-S9Bnpc3CIhK0o5a7eA_UalYVAjYmjvRcnNNDZ0JPy9Ksug5v6nr-U&cry=1&dbm_d=AKAmf-C_va4aeorUOiS1DmsEgNEz-B1u4KZrz4waoGrpJYX_vTg9IP9CEpIgn4MIQhEQN1yVlqCxerWiDGDNoKs8rFJD5gkbsNlwu67uCpGm8sI5ROL8N6LOzHZrG5R7UHlZsG-PgyHHrAzhr3RW7A_ahlvAYqZPash8nTS_aSN5wVWioamVAfiU0Ss_LSngWE3n49O_3FxNZ_f-GYjEUt0yBTZw13U74o79g9QbcE2xy0sE47KvwvWn3q3yDsO9ztwsx1pKhXmT7jbYLN0RZO-Rw9Hs0ugBNirLauK0qQk_3axs0j478FzowyTaIH6FQv8it8Mtysg3VCdEhiHLzxPy5PVgnWZQGFRUD0XHq017exYgrF0ZDq2UCYObATML1PKD89UHFDkOzRq8kFyJ8MI3tWKnJgQtQepcxqK267KGV_UUY2ApFL0LyNAQdSsGjh3A8lKr8KbxyTqqYREmpgl7UBGqKvhXwqN5fro55uVYCfOc_66VYgUTLT3ghZcvNfg3-B2TpDZWv9QOD8a9ztzFvBVgUY0e3kwuTzVEy7ooVHqnzyGs-hZ7PQObPNnXXsgbYalPQOL8FEf943a31OyAyFe9yXQH7zwDEhOzZfXAJ8xmEF8AFCZu5NMN0YCKwT213f0VEOkFZk-VZxWIwA9fMkeyUWbT1ezOVMFN0XU7NXjeHJ3t2vAEUXbybQmA_cyV8RCDTUkEVFeCDJclKjB_NfHtPmcKtjlP3EUKSg_mFnfVwzK4B1b5VN-Ur0-dX0rWsWsqG1YSlit6vFXHEWUIJyc2siCAhvAdY88rUwG_cu3MrTFSv8rWL9yu2UJ96BK6Ozpm86_4g_08HwkP0Z6LOt8qwROkoFnEQi1YV1LHttnK5QKuxwaXcfPLnGZLCw7OSRGzRWQPJNEle1SZf2RHNFkwCRoYCRe8Z8gEQy4fXoxfcMCvarIqSFCwF3bw20RIMw6g27N80HfnwTGmBhV7PSeuSe0WUW-t0j4Oi3ZpquT7fIhsy5ev5oYv056SXOsalYg53CwQDrO0r_URXgcExbemrlbQTeHSVWRCHEBlFhY3UsL_zzsOwL-ymyPvCXJOqUsA6PnLV2T0oB5keyH31qjS7piP_HFIhz6KG_PdQXWJ5ap-D2IaOi0gX33humLc8Zwj3o_tKlT-8pbPfxn1THU-0cCLLNJqCBwQLoYzHXBhuD8tdq3g-HgwEtmlM84VgRFXLVkhQKVvdhE28Lc4EadvH0OrCbjDwT1A0vQ9DYVf5d0lud8ig1PhGIv3_9myrji4DIRS2HJnPKsGma8-SPb0uX6uhRvOTdtVuE8UKgH6coxW5I7ZVVWV7vO4Jn2R82oOpD0IwrOKVvhBHYYwpStHK7CuCb3e0OHjwP9ogRYsH5I-hwmMhYmawQizFMUrhBAnVpFVuD5LjS-IEMetL7XjoYME2BbaESgXOr6T2J1rCCSvCExTd7HqcAPFf9btfb-zm91h6HP21lCA_gOYoCkO7vrWs78HnvVCpvIMmZ39inV3s1j8Aw8rVY0DsgMfBY9FlPsbVhhDDHxMuyURDewUWLD46E9lyKgoP2BMmxpEnytHx_XI6K_hahOfLjo-6xleFs4ZvNfRoj30WU89eropXaftbqqAM9oyvYAQLJjPMq0NGHmug2qwtVHEIjiIMC_uDT5J0Jphfw5GKnO6iRg7ShSp706qS-SV-V-1nGxy4rffVBnhYrsXk6N-Q3FImZpRxL89mCzLhUK1Z_e03erZJUGDp3COyGHyJAh6oNQRAjHwTg46yggizvAUt2q1BLgtbII6qFcuR0XrVe3CyakBDymQVCmmQDIj3tUwtBjdeETIhKZpYr79WYIuroSy2X9Q25sjPBApNMXudhxLYJBTAuNkdtLRRSyOvezxMtbZhaijSiX6J1sviIsZPdjGPoEHbn1poYtdEzANS_6vi-U7uxJk9eqrgTgiCQ6ee5gctODdehTSFkP8wMP0LZI5gWH0jsqd_bs3fMJdbthED6dUKFc6-XuHvVU0rk_tx0AlITL2EJMUOmpTP8wrLyspUMutk_F5kalpJsKyVAWOOPiMB_88NpbKFA3EDuWVHAaB-H5XkrBLpJ1fAHKiyWKNocYGaOEoW6wFEPfAM4YdV9yCamv1hiaZThyCHgsncsjSvjKerH_32nwwthUO5PV5_ZWTUa4uOPfsjDFZ8z67_75waFNlt4BPoK-z3LtBd-agS2yQ93NIDuYqG1FvvrRZQc_nEYXaBySrT_HEwgFJoXpNtlkJa_3aXVMr2ygF0ybNUGazVR20nN5PBVQShK7NVZczOPL7li_h8lxchgeg1tWsfty9Xwwb6XeqWKuE2CnAZ49kY6bN31vNdfrgoA78619m7gfO4a-qs526QtNc2KSJXqlZ2iKYq6v_Jdu7J48A4HUFG1ESaOlGXpNhXrTizaOhl0djNbf8nUgB8kIovDRJNyFRtAiiwge9a6qNhkoIWtgmWfO49vUmQ220kN9Uee_AvRFm_uONbFOi208yMfTDvWFRDT6s1tOJKXfbuJ7PcaXA9cLX7ZerRV-oFtrF0R-DGPOdcYW_wzyiQ5GFbzMnWr5idDrBzxmfFDD-1UCXpqfajnO_5w08kGrJAjD_SOkjILA8f21E45vZJLuKpkt7VRTgQBYH7AWhCWugZqNW_xnpRT2aDtyS1n3LR7TsYIds7tY7arbSgNvnpj2zTQ4DV6pKprqoy652czQ9taFFdCw5Am14z2o8-AmvNFrRpD0GH8Xpx6gK5lB5YG8wzRaerKSGe5UEeTSuQ_l05SX_aUQRcNpawhY_5fWVMv2O60TxmfQWxBOO-oabQupbVl0wyvQzEffPSFRRhkrxdCNbvE8JguGNHFB6MJB3wKWvCKSYZPe6pyAkQSlr9zJlf0ibuAQHZj8DEb1sRkVVyXSIc_smt7n5BhyKOPrFa9Rcbf8ggDnrDNQ1J_FRvfl2AVWsuMVVb2IMtvVwR_G3HrGh-7aY0Io-t3H9RRpxREd1FI5jMh1L5mq0BJT9ThX76G704ha9EUamHHIX9XbdBiAST9IkkktHPIpLsKrcN9IJDgUsVZn7K9g8nEFr2HrAHI3-iFALvq10OghUfQ48ZkRKOLERAD1nBye0DOXWZ5QbWr2Psow1RISNhTKTloZdCiXThYe1KGmXRMbYyAYTOjW4iUVqmHmEyUi3T6WLvLtzgUkE-ohuzK3IGcnjfYoIfKY7jlb_W4sPRHjGRJbqI9dxmzFKDXp7jPx_HsVrljqTN-GBWefztiHYjnvhTk5QC3pK1Xkt_vSgS5laWHRYVRGyfP87YPuXH-NKgYIQOLyB11YE1A5sbnO-7swEZgOXuHVB8_7t7IAkt37e60nicWLIRWl6bN_Ist4Jezjs21Q3F4r-Kv40RnlCnHMphjbLcAo5JeQn4nZzWiqJGWgjf_0fQSixsJ0ly81FLN2IE4-vBaEmSko3cKVFJjtZaEU8YHTd2HU0mISg37YJVGOfq3NzTyQKQONaUls5JMcvAdNNUooK1RYuKqtfjJjBDbXgrxpsp3GnitndkWfji71WW1OV7Z2XiB5te4w64TJMJVKRQ9pXg6QepGuEqgMWPDD9dRaJgeqb0AnRVgUjFNKpkTsXH7iGZs2LWsqX_oE5lG5IOfR6K9Tb_BrmsWcnXgsuo-mUjRTcYY0Hb2XJSBD25EWNtoHI74BBfTF-Oi08SRRSL_fZFwO9jYCdyfdLdgCTZbSQvNpaPC-ZMcpMu9tGnjgM73XhvHaEztg6FbN8yIosHqjSR4HQcwOe5ygbl5QAw9hCWLs0TG_RFuP0d2GTzpuLPVa0rmgvOBQBZ-S9Hy2-d_5SNfQUZL8n4mZmCjtC1ybhv8U67R6Fz6g_qhmFNhZgFbgzWIjorKBjw8P8Y-IVID06yeup41TTrHGMmq3CDaKDKJerlReq1wXXCqSDSeGiGSB-L8NMk-YZ6dc8vXT9PNDs7y0xLt5Iq_5NgvswBK_8T1wAAQiQ5FsAERPQLdn_wxTmwd6-8hKIzXlPQMB8fP4hC9YPqZmGubQBGl0xfKZbKaS1kDtqrVoJnh_GRG8zZoDB1fMXEzp02HhQP6GpPdh7cKI1PKIzGDmyYqX9qsvKtI4NCeXe2PTWMGFgnrqHupMT4caFyMeiEQiW2dOS5mirPVvDhyndeu1bArygSZmFBTstEZjnjURsVZzBKtiT42U2JKtYMd7mFr9P-uZOUUoSZN-9_t8y4hYt2W1D3Z7ROpa4waiSrHMCslzxgTsOEcY2MAqCntLeEXrgqJbOMdB4mb8N&cid=CAQSPADICaaNBor748e10TRKBSvZo0r_DwE15zSgl23dkx5z3CYCpScb1EDbNQLCrT5DJDfzgIGdFQUKlp3cdRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=9778367006126514000&adk=2013371550&idt=123&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 11:19:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7AC8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15C9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900016.redintelligence.net/ Frame F4D5
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5f3df4aa86a79ad70161202fade6960085bb2731db8c37f26a04a14a3b7d0fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
94683000048362804444550012533016
Connection
close
Content-Length
1326
Expires
Sat, 09 Dec 2023 11:26:02 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 09 Dec 2023 11:26:02 +0100
truncated
/ Frame 7AC8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
335412f0cb48f047596da19fa24728986c4e56463e93ba7c2e889cfb388101ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CF15 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
e5143c1aff9a3fb42de9dfd0218cfab018f108e99dd7
handyfireman.com/47303cd3/ 		3 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://handyfireman.com/47303cd3/e5143c1aff9a3fb42de9dfd0218cfab018f108e99dd7
Requested by
Host: j93557g.com
URL: https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
x-hostname
fen-hoothoot-europe-west1-test-cmwb
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 09 Dec 2023 11:26:01 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 474A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1429 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
16a1c7560ea27c2da69f25d6c30363806470f4fbd0be481d9e8fe3f10d9dbf92

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache
x-server
10.45.25.118
access-control-allow-credentials
true
content-length
60
expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6C27 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 15C9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDXVHv1zbi5rV7VSrVzVgTc&google_cver=1&google_push=AXcoOmQN4-RIzL6JcZ5T-ubeCx6ibOWiX4w4VGlgGFJ8jiXaXlH3fGF9mi4m40k-zOnKtkB6AW0SbnIwkj6f3-RgBVe0Qh2VVx87
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI0NzE1NTIwNDk3NDI5MjQ0Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2aAc4a124BwfP7WBfDdV0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2aAc4a124BwfP7WBfDdV0&google_cver=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2aAc4a124BwfP7WBfDdV0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 15C9 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECqsr9sVsSqg4Kw7s_p-9g8&google_cver=1&google_push=AXcoOmQwQpFuWIfOytXSdcTI2B6998MjUf7aLtCB42Lnja7LOPT28vo_7yN_FvQZjf7dNlg4_jIrCoj7em_1gRHSwmtCiqoEyCHj
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRRNt...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmRRNtQ4RoUjEQvBDm1iAluPrPziKeNaRvDXXbH8WKfICvMbadWCcRha8zXK_b12QRW5C23TPJeSrGNn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmRRNtQ4RoUjEQvBDm1iAluPrPziKeNaRvDXXbH8WKfICvMbadWCcRha8zXK_b12QRW5C23TPJeSrGNniyYwvDySC3vXh9qrnA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmRRNtQ4RoUjEQvBDm1iAluPrPziKeNaRvDXXbH8WKfICvMbadWCcRha8zXK_b12QRW5C23TPJeSrGNniyYwvDySC3vXh9qrnA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
855532
content-length
0
expires
Sat, 09 Dec 2023 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 15C9 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMqPjm0yDjkSztI3ME7FhjA&google_cver=1&google_push=AXcoOmRvxv1gL858MXSWh37A2Y2mQiJFGr30SHahKlUsY0ZStvH4ML-r6m1WlabguWWgHAYIhZLX3ImprPY80BDHXP4-Ac54wA6lsQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 09 Dec 2023 11:26:02 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQVze5zlOtZdLfYkCtiyRtAgOElWnSxp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQVze5zlOtZdLfYkCtiyRtAgOElWnSxpgrjPrlRDaMzFBUnjTtMjvUmuOFX2IQMjP7BdWoRdfdIHqVFwg2YymmoDfTeeOFNcg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCS9vBUmj4YkmEB%2FYgtHFf2f2tA6QmsP5JAJqYfuAdE5Kf4xUbqJi4LxPh5BlbfyWA9t4WwiCKd1%2FbkamI8ZXNm2fS18DTRCVxyjsW6YvnONGYKMkD3%2BBw67Krj%2BkaEi2Yo2J91%2F94c9LA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQVze5zlOtZdLfYkCtiyRtAgOElWnSxpgrjPrlRDaMzFBUnjTtMjvUmuOFX2IQMjP7BdWoRdfdIHqVFwg2YymmoDfTeeOFNcg
cache-control
no-cache
cf-ray
832ce40f1e75450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-2bf5bc9b-4913-4467-aa11-f2ddb0e4c318-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSF8vfUO-SQFLWsN7P2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&google_hm=Ayv1vJtJE0RnqhHy3bDkwxg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&google_hm=Ayv1vJtJE0RnqhHy3bDkwxg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSF8vfUO-SQFLWsN7P2YSUbHkMAdBkTpy2Z7EUJK0y1alMWRUcCF0mL_-HQOdWfRhMmtVAax35djdvQ_3HHkRg2WxmqwmviAQ&google_hm=Ayv1vJtJE0RnqhHy3bDkwxg
date
Sat, 09 Dec 2023 11:26:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2bf5bc9b49134467aa11f2ddb0e4c318003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38b18850-85f3-4474-9417-875c5235f4e0&google_cver=1&google_gid=CAESEMsNfMzAR9kksnoF27CWbgI&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38b18850-85f3-4474-9417-875c5235f4e0&google_cver=1&google_gid=CAESEMsNfMzAR9kksnoF27CWbgI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQAVue5WHEPZ-CfDtvxYtuzEzRe_D4z2ncTysguAGhbbgCij47fpa8-5Wt5kK8MeAnPHhE8bfWBuy-0jFUVPNzkwyTxkD_TpaI&gdpr=${GDPR}
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38b18850-85f3-4474-9417-875c5235f4e0&google_cver=1&google_gid=CAESEMsNfMzAR9kksnoF27CWbgI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQAVue5WHEPZ-CfDtvxYtuzEzRe_D4z2ncTysguAGhbbgCij47fpa8-5Wt5kK8MeAnPHhE8bfWBuy-0jFUVPNzkwyTxkD_TpaI&gdpr=${GDPR}
date
Sat, 09 Dec 2023 11:26:02 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 15C9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I438MGNmp37qHFugq_d3KvSLTA6SAk5eQvGcyqhUA2_kw_931678gRyCDFxKY9dhRu6jAcgw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
1237346.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237346.json?callback=jsonCallback1237346&_=1702121158884
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e7cd65869288e9dc4dfc94c969ecf381b4d97a3409cebadfaf489059a80ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-amz-version-id
O.KvJIJoWxA90RZzQec.VgNEIomPftEn
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:54:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"f2798d2815aa346cabc735c148ff0df1"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
1984
x-amz-cf-id
IBwNWhl3FgRPwovaCzHfV7wfXg9N1d_-Jm7PCzjOlNZCWS0lt7LY2Q==
native-loader.js
video.unrulymedia.com/native/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/66207/tag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:915f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
x-amz-version-id
z_dySaxByB9wbNOD5Bjh5jqsWk6A7Mwx
cf-cache-status
HIT
x-amz-request-id
MN92479G0TQRBTPV
age
3636
content-length
6659
x-amz-id-2
oRJLmLBqqZjN50XuBqWnAYPDJQ76wNxdpWMRU0Oox+autrRsDzogZSwC5UM1FU2f69RZcpS97pU=
x-amz-expiration
expiry-date="Tue, 13 Nov 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 14 Nov 2022 15:41:58 GMT
server
cloudflare
etag
"aa008fe9bcc41b4a3eb716f1d30027b2"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
832ce4101db237ca-FRA
expires
Sat, 09 Dec 2023 15:26:02 GMT
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=27117e9f-8126-409d-abb6-a51486fe4a9a&pageId=66207&pid=71132&slot=polymorph&vid=00000000-0000-0000-0000-000000000001&fv=1298&ts=1702121162078&f=1&referer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6C27 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 843A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3H4NyU50ZeXnL5aP7_UP4tWqgAcAAAAAOAHgBAI&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOJuFHiWkqy1aHLrs0dk-t4AL0f38b0yj0bDw08MX25SvnC8dFUhDXgT9MEZHeVctAgAAAFVSAAAAAWgBBwoAMeZXKmLOftYDOSqkzGrq8Y53RirmOOafgF5f0SrqhkyOZVsJYWbu8tYTMYqv2Hxuln6ZAyQj6kygPBGC5MiHNeRvUDPiSzSqIs5yCcPjkAaEud5p8AFQTpgzh6TOmbFfO8aXE92zcMqf8MawibgBK-qey_GqxoTqeErNHtSQgY3JRqqVG2DjfCTW0rCORlJKaOvwqmSsCW1Wgf2YFjI5U6Vzaak_iJket5PUZgpuZsKRfJXVyOWuUsJqsjLcJX5jBxsfRYK-LOGakhrX0KP7F_LKdct07dLoCHTnrteqZGBIQthDHZr9lIsObYA0p0-JZkrbBnFbEWxA4ckvRtq3GR0abmFn0xK_BKPIl4022AltvOqQVuEj-OU5VgrsF_HnfHAPnTe0V6luY7cLmustxkdpwFBrettaQ9z8TXO7sjC8h6zM0TdWIIx44qxU6R1bqQ3POueNmXeHeXKjmnsj-GTbtZ2MI143ZbOfUlf4lc0w31YTglzP4uudLnXBrFipbNI_Dd8jnWcNlqwg_hJ_fnxT3Nq5wqKz-xAr8mXP5LFKvPUE-cPpHtc7-1cbStSeqrV4SxHSDNqmaKZm1n9V_MV_dUH7ZSl0OaIZzuRtawKNM3OfpXG9kX5gHRHS-vSrlifwpvWp3YqWUTyh0udKywNZqfbz4TT2RYPypY8HA0p-kX0PvrKff4re1E0HU9sphtNO1HHD3emWhlJyIKk9fPwOj7S5peauzKDKLGCu1g-Oh6lnl3JjTeQEQoU2YtOOvmC9xYTnbKiqEeuHaYKGHqFJzZVj3gFA4ZCcL2wwkSwNYgCImpc33FtOGaA8JWVKsgvFWD8bpViXxcpRhDtjy7vee1QICdo3wmEKrHIv5z-zBuiE267LvzaNZkDLVVT7VDDWX8mt3xkmR8AIbACQ7GPBsTtza7Msy32pfqGTvLhaqPNcQvFrE6A5ceFSqPeoN3dYhW4L7PmmpGWccjF1vB_mT3gdh8PoFzSRRkaspygPwmFePkTcKdGvfmvc_D2FMyfLpkQNttKcl3GtJpZL-87J-XQo2ed4Rzy05StoE2Qgey5e1TBh28nazgY8Hn0j4XIjhrg1RybRRTMa4U1-oFlR309UY5irpUKrffCVJKWkrz8ro2K0ZC0
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		99 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.thestar.com.my&url=https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353fe3f27aa022027a4b949939daa2524cca1628999b7abb9077854234650ba3

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
832ce4113db737c6-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.thestar.com.my&url=https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
832ce4105c7537c6-FRA
content-length
0
content-type
application/json
date
Sat, 09 Dec 2023 11:26:02 GMT
debug
OPTIONS block
expires
Sun, 08 Dec 2024 11:26:02 GMT
server
cloudflare
index.html
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		79 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfd9f6a9a843989168bacd471b39283276b11f104e4d4a382076f61e1d32a973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20396
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 22:50:28 GMT
expires
Sat, 07 Dec 2024 22:50:28 GMT
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7AC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvng7EOileMMsx5qHt3EDaB8FXxf0GYlHjAO7friat2CVjL59Cf18dkcPfqOdiJ_VE_nywX9aLGZhcskgZNWwOzMOFoSBYvNfYUZxw1YglP7sFJz0wYIWaBXo89Yg_JKnBOLG3R4-Vadjyg5keDlO5bIhQ3HLzN2o73KFcfMOjDtx3Kz7eH524S_SAj5Q2xiVf2YrbDU_bK_3OK-L3Lb_DR9D1svQfTmud8WWr6MJ_0dL77AKeOo-5PCoCgqlBaZ9fmMxc2Mm07yDpK7OoFyjFdw5s3EtiEm1wSRs43Z_wZwcKdpnr8BxBjV0KB2Isto9uGdSjirZmfz7NMh0oOw3AOEFZQbLpA5xtn88dXn0XGFxcKcY0k2iGFQ4nKYbnxsOAyRTnpW_ahon5O6PYbVjWmetCOZd4-aWFveITiTmuWomE6hLYp4zHOCgF7OFi6IlOz5XkNOFNHgoI5IaGTj0W5AuP9FLobv5dKYJ6nGy4rkmK2HugF9UNP-JyiJQXkyAHb5NqLsdS3ub0CEzkeF1gT5OFqdIXB0ukhb8s4SHrU4f8CpRg7ZeD1PCrP4ZdMaYStizZ3B_ugwHLbyoUPRxXmirEtCPSjM2owfOlOha80gEZCG2R4qJbnpdgWpbplx6b_BaDaDYMY6kGir65TVYl0GAgfQWOmB3vnxtMS7iyP3oAEu1OnV9V7i_juESBtS8Sw9OyhgqkFEDqCLRCZ8SzOaNdN02n6nezRXt7loTMHSE6eeYnN7UfEsiJakVnsKFN3_8-N6TyJ1jWG4q8jgOhg5_lEyN8GoCuHaC0b0PBoHgF039X8jY1Th90PEHgSA3NiqzKTe_HNKYOlhQEbHDYztmYYIjeM4i2WFBx2SSh8NQ3oHsDmU-TMEpk-RgxNWQCvU0Wj7RDwnX9-ZFdk2soqDnLvgGQrmYMf9hawXSvRucdOtKxKFBgfUqYyKPHz7CURG8t9UFzesbj1SJUyZHRltUpg8zmpu5OCnnMKOHcbGcnts39aUY1BAVJ876d6A3BPylYYwlghHVDmuogHgxTUpTblTkVBbWSjzvpOCCh-y4kgxOyjtpPVZ0bg8NFb4WgOME4SklIst_m_CCFdojFyOYLBEenbAOPG2mTu87loJc6rBlD0yqalkyVpsFola4dvlDJHD3VFxEA7FgtWfZRLgDurEL_7q0D8zP_XEXPcLQeXqdiEMbRFE7NDdQ1qEIHMGsuS8_pM5NVG7MlpRhUN9qpzrea8CYzZSAq8eJLc0LY6oi0VMdvo47JY1JlYzChDQB7FLC9Uir0F99jJn3eEJunOMsG3Zige-K5RSIS1PvYRme9qmcm65FSzYD2k-EhIy6XU1iqsvflbD_Bh1Qbpwf7PH7ZJ-OavRNWUD-LsW3FlxtoomL5FzhfSdmgPLWUAvY8n--UCqzj_LmRdPhWaRHxt7HsWSRopXp7eIu3t7VnypiiPjRdnb5jDo1g-l0e0-XdiN9U&sai=AMfl-YQja68HHRvBEDxNIJMnu8Kei0zAiqO_5M1ezH5jkLExUOmqV6wpSYZm_xqTW7Y6-tOvskcREyXDIhjvhZKgKwizK1tA5lNpmdM4s1lJDTHEQrOz64JxA5oO7o90cvXr4u9YmZcR05PcFGz45gMIj0CD2Qfm0mzrunZA8eT9TzzDMQE9odjnjeiFGTZibR-B8K8tF8Ui4JsfWs4smK_Ta_96UV9yQA6NurQBcwjBoif8zahjZNmXYOrvTrrixssZ_dtYIgs&sig=Cg0ArKJSzGoLzdr8IjwBEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=195&cisv=r20231206.68283&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF15 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcLe0yU50ZdiDL9fW1PIP0_qL2AEAAAAAOAHgBAI&bg=!GxilGFfNAAY3kmNgF5I7ADQBe5WfOEz5mMp_46SlbAcNNHL7tiYTno18IGxu_axo4q3uX3fc9RY_X4qewN4atMCnYAarAgAAAIZSAAAAAWgBB5kDStHAi6QIme77Yz2MJajgKpLykP92uHQS3Ws2OcHPG0T5XnXpgxhsIj_oZZvnAzrOPq_DDuVLA0C99ytRDmuR462bOmjOfUU6PJFe-E23cO7C-pbQCw-Z6TGeCEckmSRo7TOOC8zZIqjyK0JQrWKge50Qck-4bJfOxrIXw8R96CN9k30q6D1D0PXehEb7904PBblM6rLr5rbd0iF4hVAj3cVEFYh0AvkYnvZdAhDDozGvsaCbhMxQRu_CL3mFF7EFk884cdHyPkCEQ7wnBGwru-hIIYSgZxBjutHmL_NOkuG4u8uxAs6DRW4OErmcwdL0b1WuCvSOJ5ugu3caqPSPSqafqmEb1rpmS6x6D4aDc07n6a2gzjNLQCexQnSDmtPWuma8EJ65NUCfpqXk-oaa0uR_gFi8PUv2nk4yBjl9ss5urfzJ-5U0lKb9eoBRQxIXOEImOOeflPudoRu7K6hSlyYpoTLPyWYJk92w9zauUGPe7ye5J8S7L9m9nTFkNpXNeawgxye442jeoLM1CrYYqY3PD0kv7F-kUwzDjqoFAi1OdgXlGGWQEfniq6hQTB1XBFNG7SYddq6ZJEG-bHCPaMvANfbgdSi7Kcuq31QeySMKr4gVnXxWgZEJp6irrh4gITcmR8E8Smg-QW2GtRZcYndCswtPP7-qQvTo7Y27adOPxczSC2rtxE-qLW44uNe6e3gnsw_NbEg9RpDJNUVPYsDqcnCi7dmjwp1XULRDDWOiC8TTPhe0_StFi0Jexm9ZOiovDZZIsMToQirsNxcCBWsq8J98jDfRQtjrZW1jPOMIXEFlQm36oHVxOXJTgNiHAkbXxNcMuixMiC9DnnwX8A_JJmt0kUAhXFPUMnWg7l8kFychM65x-oWp4_ij2ZCOGjexejeEFO7LvRH_qXe0eHWjHYvQi2Ev9IjhvWJgLwkjjpKgzul4LQJHo-xMCHFGpq2IDJgHeCqZTilOD7THHyEKBaVqMfnVGXztqKwhd4Yx5Yc-rpH6zgM2dDY8pS714S43tUmTkfqqrOoPEaO_ZJUtldcoVj-xqzMNiVSXyUNDMc_d3OXc_M46AleHnDCb1wpttIQQ2Fpg_YtjZlVZCtw9IFdnwUkmlPca
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1429 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAWRcyU50Zce5MfGujuwP78WtsAcAAAAAOAHgBAI&bg=!JySlJGvNAAY3kmNgF5I7ADQBe5WfOPGlaMKi0y6eT9tyQecFqrh_-2j3w_zDxIup6-vs2Sdw-aBs4yl_ti2U8C4NNcEEAgAAAFtSAAAAAWgBB5kDbJeNGmx0hz2ae4y-Z_2k_sq6qPBE7kITvb4kV8n2qEXKKTOn7tM4cPpb0HL4FewqvsUd9CxausO1c1U3g0g6G3dxwQWI4LEETHqwe7siLvgK7o-jwUhQCphWSvxTzdpnRprx0JYxwks9b6TjEyXgaf7jPV8Ew9AHb0ZyHNHszSX31IPWSu8dDBsW1jxO73imK9Cbnr5v25j19dmC21LjNwGPJg3J9XSJ3ypumNmuU9tuRJrspvOLuowJSrckxquRJrehwOXEKcsFIDh1TgCICfXyqfIksqoLTVSCOIR7YKxrGrJlp7XZpD9Ecup_EnuT9f-kfN8HJBfSvTFgKSWC3lfQDcrKbqI2t_TEln7SjCvuoUZ8gUiVZJn5p4noM8t20BluNpgCHVxjBl47exKCIoNXCrwwM0NBFQ0Kn-BAdvFtsTlIIwPCQyEommWTZZV547Yd_CCWv05emYtj8kCRETC5IfHO9p_2fGH_V8MR5OIdj7-_qZsXtaszCBiKi8mNXIB1sqxByHumNbHI3FN61AVu0WxfoU2E7OtDtipAZNM0uAua91VyHHIe5ySND9b_I8H_Q6DAZxfjnWtf9y7WtlORov3T1pAjPVk1dpO4ZyhL9qvOSQHKAtkyq2lK8d-IIhZ90bcRBJLAdd6PTbuizc-QIBwciBT2QqDXvZBFPCtE3xWct0RwnNE751srjS-5oRejuYCBYKphr32Qo8lDwvV9qtbeVPr0d2FvgPZ96iYmByxXarO1dZ4JOxSIt6MueRxHkB863K-OwG1u0IFlOeibrtmhu5KW0H8aa-xjxSXJATj0bK7h7KVJ6Uf_y-_s4C1OGmXv36VREK-gHYo2qJohSFPuhK_11EpYmM_qOxCWaoBoq17tSnMIgFIuMSqBGG-27kgLOZn4KQ8mNuQaYMlP2vRynpAwC8NYTE2fnHKNJlVX_CZhM-c-XxyqsvJhuQsmMFSActFxQM-mDWwK9hvTNoBCYSgo6g5d6KD-n5S9gvK3JDrkkmij-XkJ5jrUN6XZmlLmslBHBAII77ijnxUmZXJHJbJTLDWnsq-8XGlGRUHmoQ6ac6qqecqofZX2GkGRyAiuj1lnyKkM5KCWftElbhGZyw02bINwJcIrS78qDgEtb_TpU6gDt55d2rYgJN9GzsDe7mRk27G6ZA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 474A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9A1eyU50ZbyVMJXPjuwP4b2iuAcAAAAAOAHgBAI&bg=!5-Sl5KvNAAY3kmNgF5I7ADQBe5WfOPJuC7eANAimr2sMcp2T3LVuO_9sZPRiXVkLTPWiUFAVuW0y5PoiAtuRrm5jbT3wAgAAAIRSAAAAAWgBB5kDRwdu-IhbNui5Uh4zmGNV-LvIH4yGr-ccyOfBf28sXgk9jN-9qWB-8XOsLMsy-cXwzP_FOVQqnHteS_K7rO6X3hw_35FoKKEPy1Y3fIies76AB9-oGv7UA_9sh9-bszIcaIAT3DQZNbjCWJZm3dGZvJpRq5KrlN0GIeJXdIAec5Rxz0i4CQvuOxffSaG5K2NUMyLqO3lD5Ea7o8-UxhoskeVrLlP4gqFUNSBga02Gt9FmF7V3uY_f4u2g7mmabOijQ4_YqAiBnUHFK7cM2TD1BAy1tqAhTfAckBj7mItk_lUEHKTx9LkKOGJqkloaKboTG_HEEiIx_nORCZWXL73lDvkV8gyQ1TtMwYLoCSTjv00wPzBbFiqVLrsx4FtCgGgkNLxkWUgV5uOvCKNOa51U76hBDX_4jwxhfu0vB5Duy1vuRU2jb7sVmhsb3rqjb8temDfmiGr8OSEJ24CPthNMWz2F5X9CqKNQuZwceJa4PRAfRkgGshz27xaa64hquct0wahN-LIO6IHrqWS87UOgl-tzGWOSnBRpioMrpcvdJQzlv7stK1ZUg9TBhavKjXGdMY_Shbj4M9h4kAbRluEVZ8PNE5dXbeFZnpWgnGfXo-sfPScXsRYIK-V-z5sOOYDIlCgSXRXE6uVBanbIi-Me1APqHR09U_FMHQqVNQt9aBmC-qWS6BCJpH60mHW8YdCDew1i2pEL5wDSqgsnjCx4EW59HRY3Hc-TkbB8fUQd4eoEYeM-yf3-JtoaArNjEw8y2Oiez9HHlHxR1KdjuHPd7-b9uhA8EbIhYzs2mSyqddYHa-O91Ma9D2E9oHn7TkakHBV-uDK8_PFvHzLQTBOU6ywqWJ6oHSDUEci_FiMVjgrkcOP5YTkxuFfUuZGIu7VlDqByuj8H4M7ZyRaflf3rD__yaLVI57sT-p8r0iZWI0Ts9okuFehYj29R-u1K4wT5ur5H31fwznkGRvZRfQZuGON-JxgJPSAyDy3MTZ91DE_AGQWhNQ31bmXHijy2f8KiP09uAC_1mPh0GnlBQ1IPjIvs44FHvMQBc67gUPQdaSzJqR1WXQI2F8343TtGAo7pt11cup9X0wdHEw1r12Wq899cQoJc4gE8
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
aniview-diag-server.1rx.io/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aniview-diag-server.1rx.io/pixels?adslotid=18c4e53c6364fba4cd9e6a2&iframe=false&siteenv=html&page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&clientver=1.0.0&pageloadid=18c4e53c636a367f22df25&cb=1702121162294&event=error&message=window.unruly.native%20not%20defined&event_time=2023-12-09%2011%3A26%3A02
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.127.206.103 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-length
0
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C27 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BpxKkyU50ZfXJOP6ejuwPnvmcoAgAAAAAOAHgBAI&bg=!0NOl05zNAAY3kmNgF5I7ADQBe5WfOHGdKCsjaRltsYR4hat_XvZlCOvNj9DKPYpTOqYrdHtKgIKumECEad2-MLNqfkpPAgAAAD9SAAAAAWgBBwoACcm9VmFN0n0p25kDWrve3140CGRSSn8QxfLRv3yyyaFykeM3VliiTmYh7owxrIT9qCV1t2wcVeK_0t8dNjIXSmXON_Ms64gQD26D3g9c3LjPJS1FysJrstlLMEZgb2hTWvlVzN1CgizZB1G_dXacE-qtgAhzwBuQ_gBMUC1096_0EClnUrHhKHTMxPKFxCoBHJW4n6x1pKiTWGFMu67_Pwo7DHbyG9kumFKeLKkLiq01KpEVLomiuNb_iKYdvknhUrFCIXJoXW34KX0lUHnXEMrqF2ILipSgmB5r0pTrr_f2EAQQn38foyOI-J0wPixryo_XvGlMoHNr5ZqWXQiUbhyFLYhxv20c77HjLqqXbH77txy8PkhwNDKtlH6_OqYLbjDbCCdsOX_4KVB1Rk3KrD-ASvE-EiP-WCXkiBeM1AV3CHOqOW_G8q0CWRjfAE_YFewI6a1aVa0eZYPuDGRzNzNhedqtrjoA_lwQxyCy5757QbCxN9tHCn8wXrilHag3Neff9vM5HiMXVbAawWRjfjY-yLyob5dXXh58iRguQ4u2jBWVNX3jJ3mnzj2gXZPgNeCUc7rQWcMbK67KQaWEJCrJkkDFdrJQLjw41prVvTmYAKkiXlLALVidqZ2mbwb8MLZ4J1BLfQNIyimuban975IwJftisfLmDfA6fgafFJ0kO-LfIGngLvEfRlAqEA9pab4MSnImINlyaA6rmcbpz3TGSqIrvaIs5Yg7hHKl7l6TmJNG41Ct1w3a70GFWD--G3ZcS1IRPdaCZ-nF62Jzgh3E8UIN9bTKBtqLFwlb7F9pNaXdzrmLgWzVaVGctBTNAR6glZClwhM5PENXUqziudz5C9JT_UJ-o18iNafRBqAv9y7S_jWd1Q2cjEepYdWloncIKulogFzVTeuT0z0xT-H9bfPykbfMFPmjtpcUtrahitImHLQ11Wsib5gAju_8Sf9baPhAyne0k-2OkUBoy1U9XSbcCOoemxhyscP8o-lc4L4dN2fvar5WXYCfozUZrSJDpgB9vWUUPzOy5mG5_XuM23TZeF6wgknOXB4vRmWNfYwXSjLqGqv7mIxXrJkAaxEpB7W0vh8TDOCl8Hk93iOVESDVhqMSWBjXpUNOnqFuKdNUUVyOzW2yC52W9OhStwWHThiOqw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 64B1 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 19:43:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.thestar.com.my%2F&domain=www.thestar.com.my&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 09 Dec 2023 11:26:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
254365
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.thestar.com.my%2F&domain=www.thestar.com.my&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
223730
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.64.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache
x-server
10.45.10.99
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8c2af0870755a93b94d5183e842e549d77b7d8260f05e661791b0c0eee16ed08

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 08 Jan 2024 11:26:02 GMT
wl
t.pubmatic.com/ 		17 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
htlp
futalis.de/ Frame CAB7
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=87316300050411004444554012533019&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 6D49 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 2A64 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 09 Dec 2023 11:26:02 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 16 Dec 2023 11:26:02 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 34CC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=87316300050411004444554012533019&nw=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.211.181 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-211-181.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
20b9a55de8622faab2dc2141996d4e289ec1283a6744c5bda985a37488c9b1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 09 Dec 2023 11:27:02 GMT
activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035
5994599.fls.doubleclick.net/ Frame 08B7
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035?
391 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035?
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
150403ca9f6a4f6f1268f7206e37350be617bd8f7db2b38299e5df70e2788318
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Sat, 09 Dec 2023 11:26:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900019.redintelligence.net/ Frame 3EC8 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=06d16dcf27&subid=&uid=a9e93ae5e96988b2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4rnIyU50ZbWwBZH7gQeWr5fAC6blvaBprZWcp8kP8C4QASCll4JuYJWCgICYB8gBCakCYi2If_cOsj6oAwHIA5sEqgSjAk_QzAcS2fc3AnK3sJ2iNY6E99FhiqCFGJew9Y672PpZ_OQTJd59Hvznb7P6FBizNnJIhbUykhnywjarj71WJ5pXsILltmFB1ILsxyET-Q7SApBhzBEsm-uzNOpKRbc34Jlv5E8aPpIKg6XKFkNP2ZaZWgzkOGrRonL2Do8aQGIS8k-VR4fmOuRw4eouA8meKKEMhn-zTI4sgbKsQ5zyUBdP8fmjuxYYS0am9vjjXojX1rkSBUe191dRZ7tBjTxkTH3QxlGQbE-QDhgPUWP82s5uCOLQuRNy5RFk-ST7IzWsRaFXPVlMDoEgvM301ifn2B09Wsj1URs-QGXo11aCNzB3TINL_bnqAscVPFq9cFJn-nEo_bR-GbmuVVRf2jhLKAijXMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliGlq65n4KDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwjdyK65n4KDAxWRfeAKHZbXBbiwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNGZRblQhIF2jNfAiJAMv4TUCR-xqHPeSheOBgjE1IhMNa4f6gbsNWi6wqJRySOqCWCT_z1lQMGAE%26sig%3DAOD64_2w1VVP9wEfm3d_sC85ONUR-sUbqg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-A4bZGOcBbFMrG_AnrEaMStj0aMR20cM5uvQySIAGsdi5EklMll6f0mMBBsB9DvU_K_aRLF5WN7tUud3W81LNjZUzK-mycv1KjFrY7CsY3xUx8I4ldlTEw1LKM7ZbFSmYGvQ9Pj1jQTYGnkyG6l0tStjIC3RIVdxnuBrqSPhcrLuv1b2AI%26cry%3D1%26dbm_d%3DAKAmf-A7boi53CjcxSfEQpNbEpobW_2mRggaclnBBW3D7KWAVDK7wLdp_mhLKeKA5byqWGt7i38VOcyMkyz_-xxzp-eZF4s383XHtishbXF0fgwEYX-kjIbogroa8GhmMPsyuAbFPu7-o2y6ljPjNaOYu_vqxORpazCHwk0GIqV_ed-gCpZT1iXxcoW2TF6Dve5zB99Liyiz3DoYm0TDKGPvUj1EkPR_GmboF1OXsNbBM2cldbGGWwsaWeRG5uuZ4xxlhQ46P4U-eZRRjp7CmjTYRIYKtEDI_ur7q6Vd3KivGE2X-XANxurxzKIbz1e_2Rpr5ywlPMcM0BOk5O_1woInALUwE5PQOLiw-hdr2SoxqC-f9hVklLeTvgNanNxEPyk-X9NJN-027uTzkOgRt85KAh-aOgALff-w2D-Vq9Puz0cO3f4GvwkyiGfj9mpdADZ3mgm2naMLMKBt4-e-lzd15jnBED5RxPkrT3rc_muPpysxlQr4vAC_WZrl-K-LWD3eGRLyStlDQBVGKPTFGA8GQ7gYLt0axu2Wd-yqa1pdWtZqUSf4HQCgVHcnOkKKZ9iw6i801twP43LUaQ958By4Q4AEKSHZzUW9ymtNv8xarcAvUY6AHurKrRXIooB_ygnP4mL8R0aAUert7ttZmdJ7rgNy0-iJRA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=8107033198939&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
626a24372e4fe54205b8ad51145448f27e81c823e782b719f3bc5e553fc7dbe1

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2046
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:02 GMT
Expires
Sat, 09 Dec 2023 11:26:02 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 34CC
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87316300050411004444554012533019&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
content-length
138
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7AF4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
htlp
futalis.de/ Frame D6A7
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=29814200043772704444554012533010&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame CD91 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 7642 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 09 Dec 2023 11:26:02 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 16 Dec 2023 11:26:02 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame B1F5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=29814200043772704444554012533010&nw=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.211.181 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-211-181.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
42d0ad5d7152807e1f836083fd15e5bc3bc407f8cbf0b41ba55b8ce1aa0c6184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 09 Dec 2023 11:27:02 GMT
activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235
5994599.fls.doubleclick.net/ Frame AFA4
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235?
392 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235?
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
09f8442a60f280f11a578f269405d5f689ed12d11aee1114e419294becaa9bf3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Sat, 09 Dec 2023 11:26:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900010.redintelligence.net/ Frame 52D6 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d9d068371&subid=&uid=ef08210c618c31d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi_rpyU50ZeT6BKKB1PIPjLabyAqm5b2gaa2VnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEqgJP0L-34O8CBJMiItwPnmIQBrFnvYkrqXAFO2byWCIAX0y8BsvHFVXd1B0ZonP0sb97t2dDm4tGy7mTIea6wgLQP_Gq1SVNLYYxElB7B_B0VRU2lr3u-QmyfQ3Pfr-EL0NgNCB1x04SM9nwWkPXuFpgouIvKnI06DcljmfOJ3VG9eUpdl6v-QvaqEDMWFZ8i5SdE4_WbGAL2o7JUJKc_7dZCnpfmPtgBJror239zYufCO8_mxOmoHun-8qwz5s_gbm5JbakOxAA9mvcdM2NvyRzUe2uqr_J_-winNnAWv4rDLmHJz8AhC6zIbWVL6tNhqE60DNBqk33S1CHVA3ZuJr6jaIKanJ2QivaeBxdr98MS9gVHEmko9gKgKsyCxmc_XahHOKe9jA0LK7awATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI7BrbmfgoMDgAoDmAsByAsBgAwBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQKqDQJEReINEwiegK65n4KDAxWiAFUIHQzbBqmwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNbB8FLCuCwBtXUD8QQgi1o2LEIlMExln560KK4FjUfIW3lexrY6ztL9RrvLAfBXgYhLrIJM3nGAE%26sig%3DAOD64_1g9a_lu6E5dYDXGDHaVuitVFRhag%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BTOwkmXa1bl3_KIEMbLeMMnFmgl54pWis7uSyJdRmP-dozF82S8RDetp9u31gSbRWfPlFinyet5gCi6LZZzjCrPzXm7pxZcals70-JZOEgtNMMlURRw1mLaMO0b2981NUWfuZShYr2A1OBBh8uovaO-jkhbt8h4JLsumYmpNvjrlHXPv4%26cry%3D1%26dbm_d%3DAKAmf-AtuM559XzuQaI_bao2ZlzDb7hCt8T_1789kNxYDeVHTe1P88k-WMDFTku2nld4wEJMpT6eXE-nI5WURuvepmOgFpOjcbiezzYUxBF3zwlN4Pl97m9XM6SBChRcfNDOYcoK-Kij5Odnu9YKWyeFcdu_UH7VD0aU2TZacMd-_-xwsaqBEazUj2iKpZQQbhF1cQQmqt_to1MWDieCvSLuR0EmeVPT2nIjYgCha1No5fWNJkFydn7KMeqO2uw9X08-qnMmKDTPp6EOvEA-lC7g5K7w9TiNKt4jmP5x8ZNJA0z82xQdkUE4RUKpJ00NTEpr2aJccc-tCypU1aqYdGpA6hHXsEuCn5Wybl6HNmOLmKJg1LozKUXkn_ZlI1-uTC0E_2UUbqPsy2XLmAQbAUiRnHhC24LrqMRUJ-VLYP_UrESRUI_I8DinfeJ9XDLKNTw9Yu1cqNc4gLYDE-wk6Fg73VQzntIVZXJ8LmKfoKsJZLR__jz6f_krijGpYQ1VeFNQj9qLKTlUYWByj3qekMC0LmG699-1qi-QaFLW2kf977Mz3KDWGTKB4bJH-6F6aROp5D40MQ2Ky7I2fX6PYHPapD3tiPboifqP_Unu682KbYlKrU6KdzKeXpoF6_G8PBlJF9Mc0_tf0RyrYHjA49bdV5PuuBBhYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=7616102125507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
022cf9f17fa8a7248c3a96ca624b9fd44b79d551d1fe29ff147972992122f600

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2049
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:02 GMT
Expires
Sat, 09 Dec 2023 11:26:02 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B1F5
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29814200043772704444554012533010&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
content-length
138
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2113 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
htlp
futalis.de/ Frame 3459
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=94683000048362804444550012533016&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 01A9 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 09A8 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 09 Dec 2023 11:26:02 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 16 Dec 2023 11:26:02 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame F4D5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94683000048362804444550012533016&nw=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.211.181 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-211-181.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c0bcec8e35eb4ecb4cfdd29acb48ec3038bb16c1ddf18fa54d6b7a341e4f2c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 09 Dec 2023 11:27:02 GMT
activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984
5994599.fls.doubleclick.net/ Frame 61AF
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984?
391 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984?
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
66ae9f9772b0c423b8e264672ab21c6f1cf50fa86120dbfc15b209e1e24962d8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Sat, 09 Dec 2023 11:26:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900016.redintelligence.net/ Frame A365 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=05a80d0524&subid=&uid=cacb24ccf68053fc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx4etyU50ZYuyB_3Z1PIP8fOqqAqm5b2gaYWVnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObhICABKoEnwJP0HdFcY_eoIW2U-2KrvkZ9mB5w3M4GJ7GEW1Nh_2ZeND8P-KzCwnUp7YQ36f5q_TyM-M-UhRjIFx7BU_9XPg2h6-sid9th5zv1V9yzvLUBo6xbAq_7XS8WS9UFUyrB8pfqdciMYqRIxcnoZ6giJ3Vu_A-TPYp1zkPlqe3giU690FsR0clTA4dtlMHiKUIL4WbnOO_WHSSkLO_JO279XhpQcGzagS9NZcIUbH3xAeb2m4JhGl_7uUoW3amFJo712Ud3_s5o20i7tnHMqEz2ZDxyFgjFYpSc1llTr8PbPeaxpMIKbmdFkgBdpBwBlcuNhbu5igF-5zOehX0ZmCybFz6Lz_Y9bDzYw90hzUt8DNhV1U5bqNtf3drvUZAWsL2FsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3qK-5n4KDA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIqdevuZ-CgwMV_SxVCB3xuQqlsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjHFQ4kjgBGi8PPcGj6zc-bb6U77pvi2TWPEbbrn_7AGE3La7wedgD7El6AAuquwMY320pr2_GAE%26sig%3DAOD64_1XwvkXMCvhR4i4PQBCV2HRyPsglA%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-Czd25OWVA3V7Hoa1L7mJTbVi0B4KHI6ofV1F9ULjHOi4Vn12HGOG6NuIoe0eFiYgOLPv2FIbCJVbav2v_WJUoZd0gOxIXVVhfTurwv_e7T31tfbYbBmM-yUi5udrw7ICwo-TyjZusmssjlVkHmilsCov3fNGX2FTqSmhW5HkIWqoReBq4%26cry%3D1%26dbm_d%3DAKAmf-CTUZEBRgqDveOQX2ZrqRYio2QbE-whj0svoi16edXcqGJUd9SjgpOb6AdSFfC049S3J_loj4S2GxcHKVyPJvq336A2956V0FqkjT9h-EF3edqRprqMa05PlFUQXumUsYlWnyEcitVQEu_0C67bE5V_3EZ8PiAXqBnjq7NSMdy74xlRsPC4iaLMq-IULliOJhALLsk161_hBeanxDl85caWU7JCOvHGKGBFFGkGol55u8AJCjJ9ED5oKFcvYoGiX8zNBXKgUaMrsmyye7MeujpqYTzdXUgvZoJfAFnaWiRV92ifBV4ZapXT-u1ienY7Ctsm_BC_0yQRoDlbXREOZIbV_LZowb4mAbizj5Jsc36-X1i-HdWszoVTl2oIpQQXdcWQte3xDacdXbPgm8F_mNtFADYGlDzSPJOKc_U_3FJ30866Ojpy-zdLDa3WKIMYj2sdTuDD7tzOhO-DgLowW49QmQbOpm__nu-TSDZpP2MSxrLPtN8xEQOv8E2NIYvjxVtCyBCyThztRpWq73M9Gtekw7fIbhZB7yoTblKCGu8w8lC2nfwhlLtH1skp6aMArsCi0y08hIZQ4Rr6SjQaVxvGBPOpGqpW_q7fmJhrr51hh365gb9GH6Md1hVNg3SpRqL5F_DoJHmpJDYwvWe23OOFG-hFOg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=4257500606043&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5e16f94c38a707a318f9de7229ab12619d5958e6bb364b21a9699dd7a72f5bea

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2082
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:02 GMT
Expires
Sat, 09 Dec 2023 11:26:02 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F4D5
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94683000048362804444550012533016&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
content-length
138
content-type
text/html
truncated
/ Frame 34CC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa71f9c21951804b669117c64c7b5b4b4c7e237bf700a8ebf36626d3faac0d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B1F5 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b9fb3e288402ee374a562627d2690a7c921eb7eec582caba1a5c8a2b42c3e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 47BD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F4D5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e0a58c4980f60f2469c0348e4c523bf76b97d8443191e14dfffbd5dd79954a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7AC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvng7EOileMMsx5qHt3EDaB8FXxf0GYlHjAO7friat2CVjL59Cf18dkcPfqOdiJ_VE_nywX9aLGZhcskgZNWwOzMOFoSBYvNfYUZxw1YglP7sFJz0wYIWaBXo89Yg_JKnBOLG3R4-Vadjyg5keDlO5bIhQ3HLzN2o73KFcfMOjDtx3Kz7eH524S_SAj5Q2xiVf2YrbDU_bK_3OK-L3Lb_DR9D1svQfTmud8WWr6MJ_0dL77AKeOo-5PCoCgqlBaZ9fmMxc2Mm07yDpK7OoFyjFdw5s3EtiEm1wSRs43Z_wZwcKdpnr8BxBjV0KB2Isto9uGdSjirZmfz7NMh0oOw3AOEFZQbLpA5xtn88dXn0XGFxcKcY0k2iGFQ4nKYbnxsOAyRTnpW_ahon5O6PYbVjWmetCOZd4-aWFveITiTmuWomE6hLYp4zHOCgF7OFi6IlOz5XkNOFNHgoI5IaGTj0W5AuP9FLobv5dKYJ6nGy4rkmK2HugF9UNP-JyiJQXkyAHb5NqLsdS3ub0CEzkeF1gT5OFqdIXB0ukhb8s4SHrU4f8CpRg7ZeD1PCrP4ZdMaYStizZ3B_ugwHLbyoUPRxXmirEtCPSjM2owfOlOha80gEZCG2R4qJbnpdgWpbplx6b_BaDaDYMY6kGir65TVYl0GAgfQWOmB3vnxtMS7iyP3oAEu1OnV9V7i_juESBtS8Sw9OyhgqkFEDqCLRCZ8SzOaNdN02n6nezRXt7loTMHSE6eeYnN7UfEsiJakVnsKFN3_8-N6TyJ1jWG4q8jgOhg5_lEyN8GoCuHaC0b0PBoHgF039X8jY1Th90PEHgSA3NiqzKTe_HNKYOlhQEbHDYztmYYIjeM4i2WFBx2SSh8NQ3oHsDmU-TMEpk-RgxNWQCvU0Wj7RDwnX9-ZFdk2soqDnLvgGQrmYMf9hawXSvRucdOtKxKFBgfUqYyKPHz7CURG8t9UFzesbj1SJUyZHRltUpg8zmpu5OCnnMKOHcbGcnts39aUY1BAVJ876d6A3BPylYYwlghHVDmuogHgxTUpTblTkVBbWSjzvpOCCh-y4kgxOyjtpPVZ0bg8NFb4WgOME4SklIst_m_CCFdojFyOYLBEenbAOPG2mTu87loJc6rBlD0yqalkyVpsFola4dvlDJHD3VFxEA7FgtWfZRLgDurEL_7q0D8zP_XEXPcLQeXqdiEMbRFE7NDdQ1qEIHMGsuS8_pM5NVG7MlpRhUN9qpzrea8CYzZSAq8eJLc0LY6oi0VMdvo47JY1JlYzChDQB7FLC9Uir0F99jJn3eEJunOMsG3Zige-K5RSIS1PvYRme9qmcm65FSzYD2k-EhIy6XU1iqsvflbD_Bh1Qbpwf7PH7ZJ-OavRNWUD-LsW3FlxtoomL5FzhfSdmgPLWUAvY8n--UCqzj_LmRdPhWaRHxt7HsWSRopXp7eIu3t7VnypiiPjRdnb5jDo1g-l0e0-XdiN9U&sai=AMfl-YQja68HHRvBEDxNIJMnu8Kei0zAiqO_5M1ezH5jkLExUOmqV6wpSYZm_xqTW7Y6-tOvskcREyXDIhjvhZKgKwizK1tA5lNpmdM4s1lJDTHEQrOz64JxA5oO7o90cvXr4u9YmZcR05PcFGz45gMIj0CD2Qfm0mzrunZA8eT9TzzDMQE9odjnjeiFGTZibR-B8K8tF8Ui4JsfWs4smK_Ta_96UV9yQA6NurQBcwjBoif8zahjZNmXYOrvTrrixssZ_dtYIgs&sig=Cg0ArKJSzGoLzdr8IjwBEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=377&vt=11&dtpt=180&dett=3&cstd=195&cisv=r20231206.68283&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
300X600-frame6-text2.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame6-text2.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d263f2a73e26d3004188d11d4938f975122eceb417e553a495061b4bd16a253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:52:21 GMT
x-content-type-options
nosniff
age
12821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4110
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:52:21 GMT
300X600-frame5-cards.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame5-cards.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03afe509da9a7e849c45b82beaf04bae7ac99b794cd7adf0cba6edb08bae560a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:17:28 GMT
x-content-type-options
nosniff
age
418114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23422
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 15:17:28 GMT
300X600-frame4-phone.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame4-phone.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6705ff4c9bd021bce7409942b5a6f4053a752226380d67e4517149d20e5df67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:06:07 GMT
x-content-type-options
nosniff
age
58795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16296
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 19:06:07 GMT
300X600-frame3-dashboard.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame3-dashboard.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcdebcd677862655ebcd7bc97555bd789479cc78cf70b3eaa58b7e318481ff86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:20:06 GMT
x-content-type-options
nosniff
age
25556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31628
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 04:20:06 GMT
300X600-frame2-text1.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame2-text1.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa40187e08a333cf7980e217d1017a177fd78c44d2c9e0b0eb18f99d9e8b3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 09:55:17 GMT
x-content-type-options
nosniff
age
437445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6733
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 09:55:17 GMT
300X600-frame1.png
s0.2mdn.net/sadbundle/7767053680059827245/ Frame 64B1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7767053680059827245/300X600-frame1.png
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b251e5457f29de3c66fb4d422ec34b202cdc66eff6f3f737214f5bc44b01ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7767053680059827245/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:33:08 GMT
x-content-type-options
nosniff
age
229974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7567
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:02:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Dec 2024 19:33:08 GMT
pixel
cm.g.doubleclick.net/ Frame 7AF4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0tpRmMyR04xUmJWdDg1&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0tpRmMyR04xUmJWdDg1&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-skBd5WzTZH6I5al8QHbiU8IueG377c0aVHp89zDV3Btg9GwbkVn3osQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:01 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0tpRmMyR04xUmJWdDg1&google_gid=CAESEE8OyNu2BDqdm6nnIiDrlHc&google_cver=1&google_push=AXcoOmQZ1zKnHrq_qVBIpRTkYiD1G0VEzyj8uPq9p0xD48-skBd5WzTZH6I5al8QHbiU8IueG377c0aVHp89zDV3Btg9GwbkVn3osQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 7AF4 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESENntOO_z2K0091cTge2EQN8&google_cver=1&google_push=AXcoOmTWyKjx3cESsfYWJBdrygjh_QfMIf6etCqmTzGNjVCv7kLWpoIvYLAjNDXxjIRVnAMTIf6woIIyKVm1zSliDeT_RLUq0RDFGA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7AF4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDUx0NE1-GXIUZr7Z4hx_AA&google_cver=1&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-LwPzN6ApncGzjdxxNbQ&google_hm=oBZR3pfQRdyd1giPM2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-LwPzN6ApncGzjdxxNbQ&google_hm=oBZR3pfQRdyd1giPM22-C2c
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQtd4xaXPs-KByyalkmi0JsRbsy788LL5n7M-313y8wWT4nnXbMZZsI7H9MB0Bh0TC4knwxu3wmj1-LwPzN6ApncGzjdxxNbQ&google_hm=oBZR3pfQRdyd1giPM22-C2c
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AF4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMDc4ODI0OQ%3D%3D&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg72_z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMDc4ODI0OQ%3D%3D&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg72_zdIy5DoIseAbA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMDc4ODI0OQ%3D%3D&google_push=AXcoOmSM3cAnOdNZ8VkkIh3if6et8RGyCwdLd_2QWGmEnKhD_Tmkczo5JAibQqGaxtsOYUIwvV4iWd2MXuKBeg72_zdIy5DoIseAbA
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7AF4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmS6lIAQ96SObfKZftTZ3eP5fTqTlcHle...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmS6lIAQ96SObfKZftTZ3eP5fTqTlcHleqyAVGCtlSgrsJO4qKylYCRrUk2Vx9NQcQaz_24J5VNBhy7m8e98kuNhcvIX3OglWw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS1Ep7pz6mr%2FIFJBrVvFWrQwJajnVAi9P%2FT0kGy7ip93t3TuqVaJdFYZJ%2BWh%2FrkAA%2FOvj4Trq3bJxh%2BHcZHigmg37js8Ir%2ByNTFX1yp6CMtXWu6NsaafT4KOIrH7%2FOlM6xI57hRg1NwwlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmS6lIAQ96SObfKZftTZ3eP5fTqTlcHleqyAVGCtlSgrsJO4qKylYCRrUk2Vx9NQcQaz_24J5VNBhy7m8e98kuNhcvIX3OglWw
cache-control
no-cache
cf-ray
832ce4112bfb2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
-
s.ad.smaato.net/c/n/// Frame 7AF4 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPEjalRnAfIZ_M86VxWbNg4&google_cver=1&google_push=AXcoOmRWcl-XxGz6fMZ5awgCzo2YV-F3DJ1ojUO__hKe9jdxD7PSDW-SwuRCJ2SDYrfY6Biqy7HpjgxSecIpbEVH0ixxuUy4H_jDTw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
no-cache, must-revalidate
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
fyafQcuS1GReC4Pe_o2GCrZ5ctu0KEUwW22GKGUwMhBlwpDI5p1gkg==
x-cache
Miss from cloudfront
sync
ssbsync.smartadserver.com/api/ Frame 7AF4 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFRXjH6_F29Vx7GBnM8_cwk&google_cver=1&google_push=AXcoOmT5rQjtanmC84vTCXupoX_INjU-9kpPq-gtTfy9WTT9ni3N7MfGzAO9edxprZVkSR3j_aq7ArhGdrUO7k2K6oo4ZKGrGQ56Iw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7AF4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpVRTs-EjFR-ajGBuTqNUz50wHWLKk2wur0BalGcuPxhowTlPOTHxCKMbWsMTnkjgjC4ik
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 2113
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_c...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW...
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
832ce4131a6c5b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1153
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGAZs4XHUxg-f2UVaKIuMgI&google_cver=1&google_push=AXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSgGNMrpDHti817hEMDsXj95DTsCsULkBkbhMxrKpLvNZtF527EfzuP2GdLOdu3ZosqxMjE7vscusIHySqZWsnJO5dUWW_cQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
832ce411c98b5b8c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2113
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEt6Gg0KQ74mquecQ7Ny5rQ&google_push=AXcoOmSv09bwck22SRI7yThGTBwQ1-q-O2FEaRIFTREwtvYaMIqpTA6Lfs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEt6Gg0KQ74mquecQ7Ny5rQ&google_push=AXcoOmSv09bwck22SRI7yThGTBwQ1-q-O2FEaRIFTREwtvYaMIqpTA6Lfs73aNRq2GziBB_E4UEmsxEKJzJWMEErsTWR9Nwjzj50
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220063-FRA
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702121163.536767,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEt6Gg0KQ74mquecQ7Ny5rQ&google_push=AXcoOmSv09bwck22SRI7yThGTBwQ1-q-O2FEaRIFTREwtvYaMIqpTA6Lfs73aNRq2GziBB_E4UEmsxEKJzJWMEErsTWR9Nwjzj50
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 2113
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIwP8Oz5i6ndAZhcbNB0Cb8&google_cver=1&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMjQyNjY0MQ%3D%3D&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-9flE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMjQyNjY0MQ%3D%3D&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-9flEjGXI9515_1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMjQyNjY0MQ%3D%3D&google_push=AXcoOmSQxCnrTLKt2Ps8R3AtcnZRREFQsW9DlrAUhC53RBb0iGpnwgsk1FzDw1Nact1DQm7nMupHQwpWgb8LU-9flEjGXI9515_1
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 2113
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQdKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmQdKsyAPM_x2bcLn1wEsMAyH9qHbHmKhomQPwMkTpWOiN0qhz5nJEN7kmQEO6MF0s7K3YLEnJDPhyUv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmQdKsyAPM_x2bcLn1wEsMAyH9qHbHmKhomQPwMkTpWOiN0qhz5nJEN7kmQEO6MF0s7K3YLEnJDPhyUvyNFs1PiwZflhOoEVtg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:01 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-UIf-F9S_ORpehXazngFzmWfgFPU8Ur2WoGalJw&google_push=AXcoOmQdKsyAPM_x2bcLn1wEsMAyH9qHbHmKhomQPwMkTpWOiN0qhz5nJEN7kmQEO6MF0s7K3YLEnJDPhyUvyNFs1PiwZflhOoEVtg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
710189
content-length
0
expires
Sat, 09 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2113
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQz01Q-3WoSf3aio4kSMrwb-76JP4KvQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQz01Q-3WoSf3aio4kSMrwb-76JP4KvQL70iyRoW992I4qG-4c5LzlkBoU7dZWiVIsMcO76aoRp5oYqw_A-yu2meDh5rcAthg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MjIIFYwTk0hDVXjREjq7%2Fmk5F9sYQZ4C7U7UQ6uSZs%2BPVIG1sHV8VLHldjeqZe5SL72%2FB6BInyOObf8YWcl1r3rlAsypcxbwWMmX2vzAtL80hXxqlp2kJRbV50Qht4SBVUDkbajQqtjmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEESWaLvta_oTj9gYA5DycH8&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmQz01Q-3WoSf3aio4kSMrwb-76JP4KvQL70iyRoW992I4qG-4c5LzlkBoU7dZWiVIsMcO76aoRp5oYqw_A-yu2meDh5rcAthg
cache-control
no-cache
cf-ray
832ce4113c0a2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
report
sync.teads.tv/um/ Frame 2113
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAGq3-CFUO6A...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmThtaafcht1N73Yj_zauf6czEPo6oH6tqg30PnICEfgOjrBfU0m1ySXSafyhsSNaPkgtDUg9C2A8P5_c60wILOWzwCtFPZSOA
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 11:26:02 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2113
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31z...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31zMRGtT6t_EcotWaX1u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31zMRGtT6t_EcotWaX1uAhBlz7pcuonvJpWAybpjGTYZ8W-pF7AIwly5FbHmPtCTb8TYlD16SchAuNlEDglnGV_g
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
an-x-request-uuid
52436d9b-cc46-45fa-99ee-687f6d1d24c2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjEzMzY4NjUyNjI0MTk0MDYwNA%3D%3D&google_gid=CAESEEUSie0Dgx2WcSSAnvBR3Bw&google_cver=1&google_push=AXcoOmTG5a-hta31zMRGtT6t_EcotWaX1uAhBlz7pcuonvJpWAybpjGTYZ8W-pF7AIwly5FbHmPtCTb8TYlD16SchAuNlEDglnGV_g
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2113 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKkTA1Ai0mpf-V853lej7eydiuVrN59zkWUAubJrpPPTeMQTaPAHNAFgl_Tmwr8bZa3uE6mnA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 47BD 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH2xeY9_Z-l3_Wi8XhnBtzg&google_cver=1&google_push=AXcoOmS-H2q9jSLzb1-uHeJB3hOVqr2MtUDaE61T-RsphprbZlpoN9OCO45vnqtCtYdAR2S_5hZCkAkGXlCL1ycBj8eHTEWqQ4nz
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkE...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkEw5Za...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkEw5Za20znhSuTUA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmSg-YQZtO-CknMgb1wDsse47BWeeHfn4w8apojWsAndIsNEnPeK1J1IY_Qc6nYHxudLiMxKEeGqMzuEkEw5Za20znhSuTUA
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 47BD 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjU6bi5ez_iFHQdI6QXFx8&google_cver=1&google_push=AXcoOmRkIpAGwfDIqooSx_YljWMtuQ3aWfyppdJbxksB0gwdmska6pn6G9ZjgIX2HN9y0tzGvT0oJbdtK4gwJPS1eDRbWS1M1aKe
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 09 Dec 2023 11:26:00 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEKt75oBzYHkRNOqQu_wpcg&google_cver=1&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYWVpPWDctMjYtSkRQOA==&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd8yTgsVaB46NQsR8D3f4D9aQuK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYWVpPWDctMjYtSkRQOA==&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd8yTgsVaB46NQsR8D3f4D9aQuK
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYWVpPWDctMjYtSkRQOA==&google_push=AXcoOmS_0xaEXYnUsktrmr3k1LEDLIoCC8dl_rgCS-IzH6HVBsRKbcnGlAYH3j1enNLq-dRzUyd8yTgsVaB46NQsR8D3f4D9aQuK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
pixel
cm.g.doubleclick.net/ Frame 47BD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENwzinp0lTNmuAmfu__oIvY&google_cver=1&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJs1PRCwqiQ7Z53Bo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJs1PRCwqiQ7Z53Bo
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTdMGfbEn_R9YR9RBG32B1lRJxzlwyPSD8MISOdAJocst_PY6mEXvmrXvPszpMhvDRraqSEOSLDmkwJs1PRCwqiQ7Z53Bo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame 47BD 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESELtffZkUuQYHRCOQYVADxCk&google_cver=1&google_push=AXcoOmQ7LjpUEUVsGUkzNiKUchDnUj1fcc0wDWRifJTPayw7EB0TpkC7RBdizJQcG4gLz0i-RYBZSuq2fbtSybMR_Kgj9Cwphq3j
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.74.86.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-86-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 47BD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENwzinp0lTNmuAmfu__oIvY&google_cver=1&google_push=AXcoOmSwU9WrI495BFbsOV_3_jzYkBchYGZRJBm_fNENVcKMmxf93L1tVElqrfiOUiKh6jcjJeL3knK1rrO...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSwU9WrI495BFbsOV_3_jzYkBchYGZRJBm_fNENVcKMmxf93L1tVElqrfiOUiKh6jcjJeL3knK1rrOAiGQicTk1UCei2vS8vA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 47BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQQZ3vxjlGmxx6NyqrUZCRAXoS69BtJmOgWeg1HyGxtuzirThPtC9mrFduqgVO6W70uVlHyw
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 3EC8 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:38:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:26:02 GMT
/
hal9000.redintelligence.net/scale/ Frame 3EC8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
eceb34de512a9e5f85536f7cef90337f6741fc7f85b2e6664139d2b963352b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12997
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3EC8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
14f0955afaf4ebf9814be6d3c0599f10bc0bd6ed5b6ed865fb2eb2d3b1c3a3e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16983
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3EC8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e4fd280d65a80c0533cd45a87c97623bd167d1f4aeef8800776eb1df2d4719c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 52D6 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:33:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:26:02 GMT
/
hal9000.redintelligence.net/scale/ Frame 52D6 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
eceb34de512a9e5f85536f7cef90337f6741fc7f85b2e6664139d2b963352b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12997
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 52D6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
14f0955afaf4ebf9814be6d3c0599f10bc0bd6ed5b6ed865fb2eb2d3b1c3a3e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16983
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 52D6 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e4fd280d65a80c0533cd45a87c97623bd167d1f4aeef8800776eb1df2d4719c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame A365 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:46:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:26:02 GMT
/
hal9000.redintelligence.net/scale/ Frame A365 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5d19f62a8f64b8ab0fa127a84f36681bafa4a6264dd014c09b6177ed2ef06032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7633
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A365 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c4b6054c22faa31108d53afd6f792bb26e34877a1cf53a4719590e2f255a522e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9895
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A365 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1669962b89ccf058e0eb82e6f67d0669e752f354bac84ebd7047e3e95bafbc99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9250
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900019.redintelligence.net/ Frame 3EC8 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=87316300050411004444554012533019&a=6bf734b7&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=87316300050411004444554012533019&a=e511bb88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3EC8 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:36:48 GMT
x-content-type-options
nosniff
age
53354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:36:48 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3EC8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options
nosniff
age
87127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 11:13:55 GMT
gtm.js
www.googletagmanager.com/ Frame 7642 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cb69794f9c7e24527a5cd6492c800d87dbdda6b810631c56e98470561c8e0e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64127
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 11:26:02 GMT
gtm.js
www.googletagmanager.com/ Frame 2A64 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed512d4f44ef1a28d60e6f5eb8c874e88f147bb5a0af91a025a7acf1dedf2f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64128
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 11:26:02 GMT
gtm.js
www.googletagmanager.com/ Frame 09A8 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cb69794f9c7e24527a5cd6492c800d87dbdda6b810631c56e98470561c8e0e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64127
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 11:26:02 GMT
viewability
hal900010.redintelligence.net/ Frame 52D6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=29814200043772704444554012533010&a=a66519f9&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=29814200043772704444554012533010&a=9d8eb707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900016.redintelligence.net/ Frame A365 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=94683000048362804444550012533016&a=d25289a1&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=94683000048362804444550012533016&a=c99a3685
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 52D6 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:36:48 GMT
x-content-type-options
nosniff
age
53354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:36:48 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 52D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options
nosniff
age
87127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 11:13:55 GMT
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648493be4530b2bbb9b69d7f52ceb89a75c0405e3d9da1021049e5fb570841d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 11:25:34 GMT
server
cloudflare
age
28
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
832ce412cfeb65d1-FRA
pvClk.min.js
analytics.webgains.io/ Frame B1F5 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=29814200043772704444554012533010&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:58:47 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
34036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7tPpgj535iVYb_78vlZDrysvWzD0QQKj7GFnLQsEz31Ar9ZYxC5eBw==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame B1F5 		85 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702121462&Signature=J0XAaapnE~qmmPMRLWTMKLUEAAv849uilHBwZg8tzdulNl~q7iOouZaLDpx5DVeE146ILO7NGBp6MyHxYZa4l~KFoac0fBDiSNDOD9zmW3BJW0ZiDnuBMSMJOqFh8en~B11edflu~bHBmu1gw6~GcV6ljmxaLd~5EorJWzZDQVsap9nlpFhmZHaxSHX8cy1c0rxDaew0oQPe4Qe8buDhiyfg9e4ToEAxSHVaBXu~ek62uIQu6cfwnFAYzp4z6k4PMWf3PT8lojpiNbwIPba8aPRj-VU8VL-2fonH5g2jXrcaoqWioFSrN9njkh7C~EAP1JgBAhb~38P3PCNIX1R2GQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-87.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 07:36:34 GMT
via
1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
13786
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
o_USLuHpjdJ3kYSTzR0YYpSGX62rGje8-VvRyKgSifhmzciRAhi0Uw==
pvClk.min.js
analytics.webgains.io/ Frame F4D5 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94683000048362804444550012533016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:58:47 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
34036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0d6BoPhquJhUqVZmguR5JCjI6Pex5eqfAWQTH1m6JCNNXCbotU4uKQ==
1x1.png
cdn.track.production.webgains.team/7121/ Frame F4D5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1702121462&Signature=nXwg64S0CcNsnyr82m3ITncIl0MeKRb2K9oEbePjRFvJFj2yxHpQRM9dAfS7c-TwAATiX4E6Yk8FjnNYAMOeYt~hGZ9duwGaCMnCj5qmt~mihKyQL629d2cNW4pTN-5eQon6BKO71Lppqz6QSGAowDkPb31f1hKJN2hXzdAR-K8cR1GTnm0QRBdDG8k4lx4JfcuCcStW83wJa5gcIb2tuhpJELi9HzP5PPLvqVq2DKMJwd9bOrc8pP7dDqev1EULvCsk~NiaCRCOxYkt9~7Nbaouk5Z54p7EixSYA0j58wxe0Ujv~f~3dSiF~ik8F8KzBPrGBrhQ4mbgSdXHYNv02A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-87.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 07:01:10 GMT
via
1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
15919
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
YAi_4AYfsoQzWg_hhKX4ijaQCqCY6hl8_DjSGWD5r3JLD0Il7xN4eQ==
pvClk.min.js
analytics.webgains.io/ Frame 34CC 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=87316300050411004444554012533019&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:58:47 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
34036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2AbAhZg79Vvt-YpUU4XI24bVZC5TVC_pZ6uAmsxwiRvcSpgLP5itRQ==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 34CC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1702121462&Signature=dvW-kLwPCTbJ-8I-J2txauTo-R2g2FSoYIQbRUSIvWN5ev8k2lvoWWhwYzCMlGLLYz7q4P-~~DW7OtqzWG4proL5yolt6hGewGcTRn3V0AGCwjxDPXNUtoSBslflzZUycHrXNSfg3~1IxFcgmT3wAj6SG2Q~ew0r0YOdAMfPI9FfYoEwBoYzzlxUvO19mik3grYiQ6lMO-kTluAULT0vHImO30Uy9iiDdhxG-NcwDpZKbZjeFRgJsHPf-uaiyL65Pv2mrWGjxSxsuL5VwblnBWEeYZrjnVD01KFkOeW8c11B0NYHQZcJ~HUI~d8P032BS4y3f5NCKLun42uiuzPNMg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-87.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 07:35:19 GMT
via
1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
13853
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
Jw3M4jAhYeFkv9tZY6TETMlZ1q-vx9PDZgCxuEdZxpv6bPAIZS_kwg==
ts.js
cdn.retailads.net/ Frame 3459 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964486
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame CAB7 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964484
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame D6A7 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964483
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235
adservice.google.com/ddm/fls/z/ Frame AFA4 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKqh7qfgoMDFSjJOwIdsyoBgw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3007561331153.1235?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035
adservice.google.com/ddm/fls/z/ Frame 08B7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKWfh7qfgoMDFb3IOwId-1gImQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8920377516911.035?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984
adservice.google.com/ddm/fls/z/ Frame 61AF 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COOrh7qfgoMDFcjLOwIdjIsFLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4354029111163.984?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
897583
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPygCaSlAUFFoPqcN4c427R0Luq123Ax76Xe0sKwWFQ%2Fg0L4yAQ3oymn3e%2FJ2QV5PXogiDjkEG%2B9IXVce%2BQ8BjqYpiIt24qQore8wGi%2B%2BHpO7CEHkpJ2t387SO0CVwNZqVsqONoAEoEFXXXs"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
832ce41379e190f4-FRA
/
prebid.smilewanted.com/ 		0
0
hbjson
grid.bidswitch.net/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2bdbf2d6943354d1abea6da66f5b744c4963faf9aea776430aa5cda9ef317479

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
adjson
ads.betweendigital.com/ 		2 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.131 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		138 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7adfb3a5ac5c8bfa34e7152e548f63987ab21c5a10357656c7484d3eb6415875
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
an-x-request-uuid
e808acaf-ddcb-4781-a2ca-0ae550a672f6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d64b859b46f7c2f7dbcee6408f13687413c57c1b571ef8c92b53fa25048e56b6

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:02 GMT
c
prebid.a-mo.net/a/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:01 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
bid-request
rtb.adpone.com/ 		799 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=12349171954602
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d79e687de2b0dc3148da07b8b29e42ddd99288f7b483b31b0c5fee8be74652

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbG3m1MYm0fQrL1FogHyXh510pC5XAW8ADYiLZ4%2Fg73zHwqCbOiMUu%2F4HE36ML%2FMpITVHQ7oVMSBJwuT0YvYaSl0XlE3%2BLoRDaK71%2BduZKjmBk%2FKPqaspsm%2FsANMN%2FMxliFJgJhQum7KPNLN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
cf-ray
832ce4139f881903-FRA
bid-request
a.teads.tv/hb/ 		16 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Dec 2023 11:26:02 GMT
/
shb.richaudience.com/hb/ 		5 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6e105beb35f91a8d5074e5e1c4d2fcc4ddf3daf438fea68f2157d1caa0fe08bd

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
tlx.3lift.com/header/ 		19 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tmax=3000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.170.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-170-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4e79352e79d15fa89b1ca66f93800184d3b62dded585278eaecdb4bbf0edd0fe

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Dec 2023 11:26:03 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.thestar.com.my
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
792
v1
prg-apac.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
mp.4dex.io/ 		66 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sat, 09 Dec 2023 11:26:02 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30014
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
832ce4139f10997a-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=297704&zone_id=1498490&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11601,1,,,&eid_pubcid.org=2615638e-a2c5-4ebd-93de-722c95917560%5E1&rf=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&kw=TanjungMalim%2CDrown%2CSabaroziMohdNor%2CPerak%2CPerakFireandRescueDepartment%2C&tg_i.domain=thestar.com.my&tg_i.page=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=d0818a78-d77f-4725-af84-b9143ff8f848&l_pb_bid_id=30d83d544710bf6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=d0818a78-d77f-4725-af84-b9143ff8f848&rp_maxbids=1&slots=1&rand=0.5404266861293441
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af1df901a1b50f6538d1c48215111f183cbab5115f12df92fa30d320befb83d7

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
387
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
an-x-request-uuid
2596fac5-8f59-4365-bd93-c18291036933
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
ccc9f4374862244dec50bed78ee71ce0e368adbdc53c23826372a6e9f4b4d90e

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
957b8cc149d4eca50ea904d18ed8197ad23a57d304a5e52f349b0549cac9000f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
an-x-request-uuid
f047095e-3fa7-44ae-b74f-bff58a19cb00
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=17241073801&lsavail=1&bundle=_lTjXF9kWjdsS0ZQJTJCZldkUzU0VHZpaU5NRXZhMjVTZm9RYVFIWWJJSVlpJTJGM2U0MU4lMkYxdUZmck5EMVlwOFFTSGxOa1BGekQxQkJtQ1VsaWhKYnVRZGRDc3NQTUxuRHhiVjZZeUdablJPNCUyQmY2eTZ6am9LcGx1SE52M2YxbGRiMmFHVTZkR054WWJPdm96Wkh5Vk1YMXN2eDkzQSUzRCUzRA
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c1f563729dcd48196d5a1e124d13db072038bc8d27e32d101639b4f27c917b90

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thestar.com.my
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e74d11c15143a3f9d69c6096c04253599b4b4c0fddb05ce244f0612cb9325e19

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
header
hb.aralego.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7A82E28D326E37F7B4B7326782BB4D&tdid=&schain=&eids=&pubcid=2615638e-a2c5-4ebd-93de-722c95917560&u=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&host=www.thestar.com.my&ucfUid=fbaee504-3514-4eb1-b27a-28bc75e3b95e&w=300&h=250
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.thestar.com.my
Date
Sat, 09 Dec 2023 11:26:02 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
an-x-request-uuid
48552a35-4715-4d7a-84d7-abc501fa8bfc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.103; 80.255.7.103; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 7642 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6bf86ff6adbe72061a78f68d0f50b7ad45336a7735f4636c7a7edfb290bf9ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:02 GMT
js
www.googletagmanager.com/gtag/ Frame 2A64 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9a999669a2499a99c4b220028e73b054d77f8dc3d08c53dd744815b48d07510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93099
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:02 GMT
js
www.googletagmanager.com/gtag/ Frame 09A8 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
675a1658af69c591b6e7cc8ad8ba51d5f06327e92d189a24fc47229f5c333794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93102
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:02 GMT
htlp
futalis.de/ Frame 56E0
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=66467800047400504444990012533029&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 1BA9 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 09 Dec 2023 11:26:02 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 8982 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 09 Dec 2023 11:26:02 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 16 Dec 2023 11:26:02 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame F8E6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=66467800047400504444990012533029&nw=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.211.181 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-211-181.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b3fe74a112c606218694acf5278e971152df1821b8fe6e44e28f96f9ed7e8119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 09 Dec 2023 11:27:02 GMT
activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376
5994599.fls.doubleclick.net/ Frame B7C3
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376?
392 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376?
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
81c17359388a080b3d5f5c41058197e6cb6e6e78c253c5960397e36bca1546d7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Sat, 09 Dec 2023 11:26:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900029.redintelligence.net/ Frame DCD6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=1fe1cb591e&subid=&uid=d9ac866e6faa5250&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK6x8yU50ZcOnB6LR1PIPu_K2-Aym5b2gaZWTnKfJD_AuEAEgpZeCbmCVgoCAmAfIAQmpAmItiH_3DrI-qAMByAObBKoEoQJP0N8NOfhsUe5c-JxRUlnkZQRqqHVMENxT8AxXHoNOi1lgj0Y2HCOIsLBcAtQH5RPj8F_oKjXssppcJY1h0NE0KTmZE1W93uzYDqF6Jg7TPJOpy1N_DJ1-lX1sHUw2cqZsE0p7l7LQjN_45puZcoSFy6l3mfgyA4Z9DfEBtFqaq71iGGkQYjcSQd_A_m4Ag1LUowa3JrG-iFGqD3UOIdBL6DQxin-ZVmib6eEPpRfWA4NaRptcQ_pbOH0arMTYAmaNf-OlusGeKczsHXmvkRWTNVMNaCImqdbB0TjaGFF6psOHnISa3wZ1l0G759oJLB5IYnruv5wjgJPpUBQCCQMkvcAMp2GHDh3fW3auAcOS7pQUPoKjYB-8yBBXCS8qHC5NwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOvvr7mfgoMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiUobC5n4KDAxWiKFUIHTu5Dc-wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE%26sig%3DAOD64_0dW7pOl4prdHwXlZ75o3yyYoPBqQ%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-CDj1TsP-rG3vI1fbLZi0JHqxC8KX7hSkC3BnRVJcqh7fI8hXCa9lPHzbQI0GdbQmE-k8d8o3DX-yNcRqE7dpVdLUN5FE8IWNBiX_HwCrvoBvZP3dMo_rDUmHvOnTYnp-5_0tar7qaKkbV6gahupkzItf-R3W78fyHmbWnXBVv2pG8_GUU%26cry%3D1%26dbm_d%3DAKAmf-CdaqwzTuaAdCNw3OfRVQcKl4oYq0aTdBkHiFmLE1_SzNmmmRYRqDFaRY8zUljdOR0L2TGr4_L3aMuwgPVaGbvsPmVjNJI-EojDhBDTQOq223FA6if8AZVEREKz-LCeAXJznqRyc1m6MsqnQUWenHCBrKlZQ7KltRhhKFY6Ktn0qRJ7Iya3e8ZcTp4CFHLNDn52xfP3mBmiUfim7uI0OqeJBDJ1XZeeuXjl3OrXJEjoVzEwhq7L3D38vWCqOv4P6wnMNnwNwDgsSZLx3dVuJt3kWYh08Q3UzxYgTMLb8_3VR32NfQJ7sxPn6Y2jAUQB2zg1Vk5Tvbboe6QKvAp60PO9uQlwcq0J73x7IL9oriLJ0N1Tiokeay9emcfCmHYi8UaeKSWSql7j0wUtofve8kibM2wT-OimRl7qUj5yoVPwej0GdC-Kp14kZTmzCUArXWzYI5ZkazFvZC_BmLejIuY2_vYbY_cpKYNKjEffu3CNDLyvRSsFS058yhqXImjrJ_92_npcmuwY4j2UyesTQtnBhhHSxd-u_Oa3VXP4pxJf5WD_rUbTaJOzYIlFkmdl-j-S67DB__DayOB-gwhaMTkFfNz5yTNwCU8PhrL_X_UUX0VAdIluOknUfCtxu4yYGEFKfNww8aggB2KAQtEMuiV13RVnDg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ancestorOrigins=https%3A%2F%2Fwww.thestar.com.my&random=696286330099&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
115f9d144a27c6a1a0ee876f4ca11753262055969064546b59521df99f3e4af5

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2204
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:26:02 GMT
Expires
Sat, 09 Dec 2023 11:26:02 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F8E6
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66467800047400504444990012533029&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sat, 09 Dec 2023 11:26:02 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame F8E6 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=66467800047400504444990012533029&pv=1
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 11:26:02 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 619B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8E6 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a16ac46fc3abe5319836a82f071c446625fcd99fe6d5d8b8478a7256c8adeba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
1237346_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		127 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237346_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
093bxhRq5cQIAV.Q2wWof9B7EwxoO7QK
date
Sat, 09 Dec 2023 11:26:04 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-211327/211328
Content-Length
211328
last-modified
Sat, 09 Dec 2023 10:54:23 GMT
server
AmazonS3
etag
"f323b025d7dbe32fb8270a5d0698e532"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
2vQSlmJ5rzz6NGyEeb6etu_J3DpIQWbmEcbMyg-k8GMHtUjb6T9tig==
gtm.js
www.googletagmanager.com/ Frame 8982 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed512d4f44ef1a28d60e6f5eb8c874e88f147bb5a0af91a025a7acf1dedf2f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64128
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 11:26:02 GMT
pixel
cm.g.doubleclick.net/ Frame 619B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAytd4FeKWdGYjshoEUbcYQ&google_cver=1&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQJnVK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQJnVKU2FZF7-9gs
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDU1NDcyNDYzMTcwNTc0NA%3D%3D&google_push=AXcoOmRLsxgzbgiexxW_c0H31fyUvpjhNrC-aPA3Ahd3f5F0sxOypjz3RcUYjUgtHakkpOx-gN_SqPjHK7LVkQJnVKU2FZF7-9gs
Date
Sat, 09 Dec 2023 11:26:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 619B 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ4ivj-33MYA2ZvRmYETlkw&google_cver=1&google_push=AXcoOmQPwz3vpKk6wIr9yQcK-znvDjgRrXVQC4_qHySYR1lW-b_EJcvprA7bKiSMrLwLqYoMMtdP8Vk087NY8pjHRK5a0TgU7i4
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 619B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJGm_w38oeb28Ui61GZGixM&google_cver=1&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJGm_w38oeb28Ui61GZGixM&google_cver=1&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHP...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ_0SHyLX-UiUkLfc7tsgwbIoS8Tgj-uyjnzr9CbpWt2kEIsls8Dstef2aQ17N5PllvDIiUsn1dBPiPOFVkdumHPNf1sjc
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 619B 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECZEP-gL5x8Rht4DNEMNnsE&google_cver=1&google_push=AXcoOmQbPF_7REWaTNajEiI6E5cXPJ_Ekq_2VxMAZKQCU9LMN-ErnhRzVmd60l2izLjze77P8YabvQnyuNRkmhDnBZPYzxpl6Ng
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 619B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmTmDw0aAoXIXg98FToujK5a92IYvC06G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmTmDw0aAoXIXg98FToujK5a92IYvC06GeUIzvuCTCAiTzHuPWkguvYgSW6p-4ktwkyJGylJIayMThOHzin3tQBJUEltRAbQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKXtHvlq%2BzPcoA2XXBtKab%2Fq%2FJ7BcdLNM027wAF5%2FFybSsJ73e0z10DAd46kAXWaZKTnKtYc68EVDKr1MI1U%2BtjasdMTRqZHH%2FrEGCp21jCy9a8DpthTGBccQ9rsnU9GpcS73CMp1NPvug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBmZW-h9UH5WI_3ydgSf0es&google_hm=ZXROyWLe7vYkmxV5Ue5lWAAACFsAAAIB&google_nid=index&google_push=AXcoOmTmDw0aAoXIXg98FToujK5a92IYvC06GeUIzvuCTCAiTzHuPWkguvYgSW6p-4ktwkyJGylJIayMThOHzin3tQBJUEltRAbQ
cache-control
no-cache
cf-ray
832ce413b8c72675-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 619B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQS3xumHD--H4pAsJDDVic&google_cver=1&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzG...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQS3xumHD--H4pAsJDDVic&google_cver=1&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzG...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg&google_hm=HyrutGZH2CwK9cDzR5O9i5IZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg&google_hm=HyrutGZH2CwK9cDzR5O9i5IZ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTUJtUixWKaHlklxXte8LAXUbE6rtzo3yrX_DBRshv3Y-nDMDHWKLgsjzAWsyyABe19y7vsKiaSw5pdYBLzGCrw_-vAf7kg&google_hm=HyrutGZH2CwK9cDzR5O9i5IZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 619B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELgASTbMuqxkmtF9QwGpiBs&google_cver=1&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzNTI0MzI3MjI5NTc1NDE1NDI0MQ%3D%3D&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzNTI0MzI3MjI5NTc1NDE1NDI0MQ%3D%3D&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzNTI0MzI3MjI5NTc1NDE1NDI0MQ%3D%3D&google_push=AXcoOmRB5wCrf3tPzKnjIki8I76uvSbHK2_F2Op1gGIsq-D8zBNyjU0x6LfW60W97XoUhRPsR2rf8eLtaRh0ToxzBZ0LdnVV1j8
date
Sat, 09 Dec 2023 11:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 619B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1q0AkbsYK1Qjbr5aFqKv1cBQRoRFWStyPoO9uyMnlwQSc8tHx6h7O_7G67tn150wnjC61
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ts.js
cdn.retailads.net/ Frame 56E0 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372964496
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1051521
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wF5YWMv3Pn%2B0Gb3EuAdD2XXaQLiOB%2FuarAF3dciNjtLGbrYjkfiEKa3fVFXmMdRyeh%2BCzWPRuK%2BxydG1ijkJEfcsSt59tUn1uR6Huh9wNzD8QZez5m%2B4cBP3oKvaSRfDDHiB4%2FdrbdPyHvs"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
832ce41489ad30ee-FRA
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
css
fonts.googleapis.com/ Frame DCD6 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 09:42:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:26:02 GMT
/
hal9000.redintelligence.net/scale/ Frame DCD6 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ee36c7785e6f287272eda49f3e4a80e52a9a8dcc5555685a46a0919c89df3bed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47340
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame DCD6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
22c2d89e2982127b2700361789cb945cf54cd8503e7d2a0e7589de6bb7bf2e56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame DCD6 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
be89cc9c0ee2479c37973581f1b4cb87bf07ad2d1a7e432b2facebc95a2bf236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57892
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame DCD6 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f33be347feea6c6f7bd4e964b82c49bf18e72fefcacd51262d6a187dd94cafb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
37455
Vary
Accept-Encoding
Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame F8E6 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=66467800047400504444990012533029&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:58:47 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
34036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VykKaNW7Iv16-Un82_wHPaoH6j_DskRjFVUQWwWXaiMCeOq8eiAQ4g==
1x1.png
cdn.track.production.webgains.team/7121/ Frame F8E6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1702121462&Signature=nXwg64S0CcNsnyr82m3ITncIl0MeKRb2K9oEbePjRFvJFj2yxHpQRM9dAfS7c-TwAATiX4E6Yk8FjnNYAMOeYt~hGZ9duwGaCMnCj5qmt~mihKyQL629d2cNW4pTN-5eQon6BKO71Lppqz6QSGAowDkPb31f1hKJN2hXzdAR-K8cR1GTnm0QRBdDG8k4lx4JfcuCcStW83wJa5gcIb2tuhpJELi9HzP5PPLvqVq2DKMJwd9bOrc8pP7dDqev1EULvCsk~NiaCRCOxYkt9~7Nbaouk5Z54p7EixSYA0j58wxe0Ujv~f~3dSiF~ik8F8KzBPrGBrhQ4mbgSdXHYNv02A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=66467800047400504444990012533029&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-87.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 07:01:10 GMT
via
1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
15919
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
SuB4Do9afsa7Dt81ku4NB0PhCftCBEpAF_ELoAb8IqKCqZ0Maid2tQ==
js
www.googletagmanager.com/gtag/ Frame 8982 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9a999669a2499a99c4b220028e73b054d77f8dc3d08c53dd744815b48d07510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93099
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 11:26:02 GMT
dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376
adservice.google.com/ddm/fls/z/ Frame B7C3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqWl7qfgoMDFWjLOwIduA0AAQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2163286804422.0376?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900029.redintelligence.net/ Frame DCD6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=66467800047400504444990012533029&a=b2760c74&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:03 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame DCD6 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:36:48 GMT
x-content-type-options
nosniff
age
53354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:36:48 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame DCD6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options
nosniff
age
87127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 11:13:55 GMT
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:02 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e81cee5b0dbb045559ea33694c3a87602c7f32abca7ec53bbfd5366f6d653552
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1237346.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237346.json?callback=jsonCallback1237346&_=1702121158885
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e7cd65869288e9dc4dfc94c969ecf381b4d97a3409cebadfaf489059a80ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:04 GMT
x-amz-version-id
O.KvJIJoWxA90RZzQec.VgNEIomPftEn
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:54:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"f2798d2815aa346cabc735c148ff0df1"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
1984
x-amz-cf-id
1eCJBaRHaMTNqYFQzEoYtK3t4nkQ0M7nl6epNyQbflbFFIEPmmYeRA==
sdk-runtime-config.js
buy-ap.piano.io/api/v3/anon/assets/ 		266 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy-ap.piano.io/api/v3/anon/assets/sdk-runtime-config.js?aid=Gr82HQx5pj
Requested by
Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
218e455917fdae0bfc7b210a870ebae55d8c3da1edab012673d32520db042614
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
12461
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Jah3e5su7ic
wn
prod-ap-dash-10-15-4-158
last-modified
Sat, 09 Dec 2023 07:58:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
public, max-age=14400
cf-ray
832ce416ef44905e-FRA
expires
Sat, 09 Dec 2023 15:26:03 GMT
v3
id5-sync.com/gm/ 		319 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
f5b5f5c22f5b8e88adca3c26f5be550106cdd7457a7c85cf8496738d94b31d69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
tracking-event
api.webgains.io/ Frame F4D5 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:03 GMT
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame D6C2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92f00a1c0734c67739a4e622b69795cbcee6c758bbeea36ebfb2cd80be015819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12332
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D6C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX7Jj0tHxWBoOfZoMR9VT1i6O9vU9M7DILBR7mIWeZxa52NfGSu-U4KjNyQE9-3NXZ9aMnLE-aAHoeAVVK2_vGPc739y1_f1zHTKmg556b2ulukhO2_iHgYXkleKrFd73SiMCg0ylJ1NBHyXd4YPVZZ-sCSyK3SA6k1o19_XnSKaWh_0s6xnzhs9QB0iW5HSDJL8SN41_9ifjJ5O4-20oNJ9rKufAKC7YQ01b39yYannjN-z8TSOwOn4VczcV-OikjB0O3hldFsziqSerMkLH-EEP960QzX16ejseMlAsk5SWg4dwzEHkHTAEaJGQF1Ozo18kVNqZvZXVG8hqKW9rBcLQcVzlwf5tpsrI0VGVjVfro40LTCR3aogRi-njNfPFX0GI1EA&sai=AMfl-YT7J0luKUexL4owKHMk9gha4EQcfFEZrsY2L6y_sAFhb0haBZJY5MZgaMb2wvF50yUVuEgKTWDj_tYvlYgFOeQUmfHUUD5jH16TRiKPKOQrMz4l-u28yfG8BkgKXoljn35jxzi2tiqZRQ&sig=Cg0ArKJSzAKf3y3haKt4EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 11:26:03 GMT
tracking-event
api.webgains.io/ Frame 34CC 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:03 GMT
server
nginx
tracking-event
api.webgains.io/ Frame B1F5 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:03 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame B284 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1b9hwyZfvQhvofl7AV6vQU_lfpuCjSuzGXbTD0LM49fXgP6OFTu6dfWfys03jJg5qDcEY0OubM_EzyZz0aU6xRg__bHXnt8OJHHHSBXcaWDzANp8BcSVo3GQCmLJCmzgRdKtwRYMLSzCbVSBQ9MezqbobqXdBCF5RB6n67k6ZHTsTA0uCHQUntk1ekam2uq4kHe0-JkPoC8c-rqezpu0Zip3G16heycaTWEKsChTO49pIrfUS7nnc141XbYzSUjFOXRyGpgrUiO3K_pn4pQ-UoabR6lhiLzi-Obs38_TxU-ZMRhyCD00eulVyqmlcUgPDLyzOvcGVch6pqjKpVVbYMF_9QwBMu0E6SbZyuq-RmLj2URcw_J_IRRBl3-vrBk76Kj9qHu1IE1oSkbMlrstjSs7gQsYi8IEOYpgP-phm3jAm6EByvp-HAZb2CH1NkGRaew5x0VZ4puMPtdjWO-aQEoa6uL-g&sai=AMfl-YR1iQlKsvZu3n7o7AhJHMQXNsNa_SzePsECq68iC4N57eqTxY3ZRiKIYOenVuOWK0A8khsNKZ7KT-iXFwnzQed4f491dSxWougAljBvL5OSAJkZax7jE8yNONeuM-_kty_lqg5oxUtUlA&sig=Cg0ArKJSzNdgF_vLPcvZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 11:26:03 GMT
tracking-event
api.webgains.io/ Frame F8E6 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 09 Dec 2023 11:26:03 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D6C2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:26:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67D3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 23:42:12 GMT
expires
Sat, 07 Dec 2024 23:42:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29ED 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6187259b2b1bee37922048756e7c179349f7f665749c40a28eb69dd83cd9a7ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bNirsUNdQWBTNdjWHtIcpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bNirsUNdQWBTNdjWHtIcpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:03 GMT
expires
Sat, 09 Dec 2023 11:26:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 67D3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
1237346_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		110 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237346_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
093bxhRq5cQIAV.Q2wWof9B7EwxoO7QK
date
Sat, 09 Dec 2023 11:26:04 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-211327/211328
Content-Length
211328
last-modified
Sat, 09 Dec 2023 10:54:23 GMT
server
AmazonS3
etag
"f323b025d7dbe32fb8270a5d0698e532"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
7GYOrjtPNLsKcCnOb24eK8HImIM4MUcVh9rh1_rLcae36d12OvoURg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 29ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=959291384267449&rc=null
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
1237325.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237325.json?callback=jsonCallback1237325&_=1702121158886
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb3fb357d0db0e65d816f0aead6bef0837ba86b4c08e06fa9d06f2b46a3dc3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:05 GMT
x-amz-version-id
40bG37jdClzDPionjENWXVyvyK5zc_0W
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:54:26 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"135224766af80d59bc0d1212323695ab"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
2267
x-amz-cf-id
weOQsSslWIezlJdSNoGiRUSM9x1uj9Q49-olrr_FL94XNrqNrp6Eqw==
generate_204
tpc.googlesyndication.com/ Frame 67D3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?H_TRXg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viewability
hal900029.redintelligence.net/ Frame DCD6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=66467800047400504444990012533029&a=b2760c74&vb=v
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=66467800047400504444990012533029&a=c95b3882
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 11:26:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame D6C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=959291384267449&bg=!ODulO3TNAAY3kmNgF5I7ADQBe5WfOEwfDFkjb1d6UhIlt0WPo1IGbCjRaPd6vsUAdJERf1Xl1dnbSDs-sU5jD79L05nBAgAAAEhSAAAAAmgBB5kDGR1HNCRXovJc62unoYNxZLIyUziilmyy7S-eRYJMq1SMD3HoK43yr6486vkg-Q_5eyF6L6xWGE4dsaSIxoPyVxFuJG-2ejVNrYle5KTu2OHFIKzncbpwp8rFLyDB0iQ8wLVF_7Og1T35YT7JslGh9DmClmJMbT6d7XLigdkZYk1yWkKmp9ZkZiOaXXv7xgf21aSj43JTQj7iAlkbmiNWxLrNNj7Ou76g201gd-7CHcWQap2Fcn7p58mbZOHsBTfQx1q2R3KH85O81OoiodOSsRMuRlvQFh14PYqwpRP69QF6Onx1Zd50oeemjWmXqXRsitxZT75qG0F5MhV0Dj1nUTj778oBsEEV3Mp7gkfTQkYRqwY-SiTNBVtnPzoS6QI7YDy0ksUwQBiGuhC7r7eyQgxSzRac2nRwW8Puh-hDm8Fzl4tyUrqghiQFArofnoF-nc_PRsWWPtL4booMwPq4dJcTDNsgdBazcz246vEGW5paLSvvM-bmzwkfOXFo7-i23wDXQJa-tZBgkTRztMO3CdNwmcLE9zmbVrcJFSIQY40wdv0bRdNC2Ba0WSMxhGXURg03FTfe6I8pWZPeHxz-q0xZePRjjHr9GOYft6aBtdXFIpnLxb30krZgddbsTlsF1AZlMyU2QpMVLtwV9QdAnuRQi8k3SHVU7WK7nb9JlN0uwVkUurmBHiYrq6NAy0B5MRTLJFWvNLjmp8o0pCQvo6tgrU-E6pVAezc_CunK7MsFCFPbHD8tFQNJsZDb7scp7fxQxz-y7uqi_jo8M_LRUX0MuIf3o6Mi7GqVIry54KaMQryESKUOYdzPQm6Ad0JePZWqS3QKAHxMEN60ZbZwU77tR_vvUgyrtPE62rhHvoOFK-moghii5-OQ6vSghjenGfFoj6skyysfYaAiGfX_1Z-KxeXsodV2IqoHK5ABwjyakrfiQVGavT6VbtDDQr7NTRfTihO2mv2RtLInw8WbkGcYrRXWODCIxSAzfMrnMAr5-Q_6IKSHdh_qyDwfvqhWK8v7T53J1l-erKGnKGO_QCnCCpVcWMlvEPY
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AC8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjqxkpTowdqMM2wT8R0p4O6NfF7m5OF6mjnsyKQzTaZuZQEsqIDqgUlG75ZNb2gYHl8cOw35G1kxD0ajYbW3s8AHnKdotyBoitzQCr6T0xTF30rM51-zZHEqCVHx4BWk_7L-iQ5Rvgc9Qs&sai=AMfl-YRLgfQPn9G32i5Zh1wb6kkQeYdhZLsaKDnCt2BYozQpze59XuIBprKP7gZefFlnpoiRvo6LOIfB1i3ruhkSHFEEbJZ9GwKSPrVSX8nEwWuZD3L54G40FQsu75FdPg_biXKg4Leb_Dg&sig=Cg0ArKJSzPtvl4fjDDYvEAE&cid=CAQSPADICaaNBor748e10TRKBSvZo0r_DwE15zSgl23dkx5z3CYCpScb1EDbNQLCrT5DJDfzgIGdFQUKlp3cdRgB&id=lidar2&mcvt=1000&p=506,1070,1106,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2166171109&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702121161709&rpt=1908&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseVefXZsw9K-ApmWduft9q_WU4G15cy_sWIwhiM4pybMiQvv9eOejtpRrZ5W1bKB7QBa4cEldvAiNlyqcqpRdxLmcgWfzc98NqzhIZHUrHFhtB4EPhrXFFiKxQqTwBeoc&sai=AMfl-YSJRnzixeduu541LgG_5XDaY8zt_u98VGYLSHDVO4OixO4Bbi7kCJULQgyKbcw7GkZ_Whx24ZNZAn8bDgOP1kCV79nNRzvD6A6VgJYsbuKGyhjDGx-qGIoSpKH6WPmG4WRRyWudiQ&sig=Cg0ArKJSzEEvWNMty1owEAE&cid=CAQSOwDICaaNfD0j-AC1nqaCIxxo16uXsvnE4fwYX8if78PoXEsVZndagGoUA4Ubw4BfZOV9MsUvpeGrujNaGAE&id=lidar2&mcvt=1000&p=167,315,417,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2910908103&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702121161408&rpt=2263&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AC8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=599679828418&version=m202309260101&ct=119&x=1&cor=9778367006126514000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5982318479145&version=m202309260101&ct=77&x=1&cor=6124800881718185000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=523629007066&version=m202309260101&ct=77&x=1&cor=1723389210711828500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8E6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4866042023670&version=m202309260101&ct=77&x=1&cor=17467128980463888000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7841191587761&version=m202309260101&ct=77&x=1&cor=15322009557847505000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1237325_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		66 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237325_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
5LAiJzhLZJe_t.8OJInfgQXDAQnQhBSm
date
Sat, 09 Dec 2023 11:26:04 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
113
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-301087/301088
Content-Length
301088
last-modified
Sat, 09 Dec 2023 10:54:26 GMT
server
AmazonS3
etag
"0d5d310b514386907289bac80fc27dd6"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
-uLM6C943OrfbFa0TsskrnWHwXORobdlp5yU4D-4FcXlmkqqRWbq_A==
1237324.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237324.json?callback=jsonCallback1237324&_=1702121158887
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebb0f3ab4553ad4d87251ac66f4f60db09dc1aac45a0c3008d9319536712f3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
x-amz-version-id
wfBrBZf1abtsIkE66ALNZbd8o70a38c5
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:54:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"9303ab21c8748ff2561ff112395fd4b8"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
1993
x-amz-cf-id
-ebLgFZMMQDBklTxpaaE4s7y4zU9GcfMuQqYhIBiKF9Q-SviSMOchA==
1237324_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		78 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237324_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
S2GEqCv39oSlN2z.cNprC3Rf2EULVgqS
date
Sat, 09 Dec 2023 11:26:05 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
113
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-212479/212480
Content-Length
212480
last-modified
Sat, 09 Dec 2023 10:54:29 GMT
server
AmazonS3
etag
"e9cf74df38f14a01fc04624b7b8fdc23"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
oYD-wbOek2BOGPpRNhSRqB47uVt4RB8l-Xq0vAT61amRqv8CYY5Nqw==
1237301.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237301.json?callback=jsonCallback1237301&_=1702121158888
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b99336c49d0d9f2b7ed9977adff50e5b91a968e626268d2198a5b33d493486a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:07 GMT
x-amz-version-id
b80iXPiY5bfMgnJlsG_..ztxnu8q_lbL
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 10:54:31 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"32b5b977b56a8d45c7d3007a76de431f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
2116
x-amz-cf-id
HxbpJbt6g_UXDbdnKdFS8PdNEASnLSTzAPHeIOH8GQKl2HGK4plsBw==
q
p.adlooxtracking.com/ 		113 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&s=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_BTF%2FDesktop_TSOL_News_SP_BTF_Lead%09div-gpt-ad-Desktop_TSOL_News_SP_BTF_Lead&s=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_ATF%2FDesktop_TSOL_News_SP_ATF_Megalead%09div-gpt-ad-Desktop_TSOL_News_SP_ATF_Megalead&s=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_Mid%2FDesktop_TSOL_News_SP_Mid_STO%09div-gpt-ad-Desktop_TSOL_News_SP_Mid_STO&s=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_Mid%2FDesktop_TSOL_News_SP_Mid_OSV%09div-gpt-ad-Desktop_TSOL_News_SP_Mid_OSV&s=%2F21764785206%2FDesktop%2FDesktop_TSOL%2FDesktop_TSOL_News%2FDesktop_TSOL_News_SP_Mid%2FDesktop_TSOL_News_SP_Mid_Slider%09div-gpt-ad-Desktop_TSOL_News_SP_Mid_Slider&s=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_ATF%2FResponsive_TSOL_News_SP_ATF_Rect%09div-gpt-ad-Responsive_TSOL_News_SP_ATF_Rect&s=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP_BTF%2FResponsive_TSOL_News_SP_BTF_Rect%09div-gpt-ad-Responsive_TSOL_News_SP_BTF_Rect&s=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_News%2FResponsive_TSOL_News_SP%2FResponsive_TSOL_News_SP_ATF%2FResponsive_TSOL_News_SP_ATF_MiniRect%09div-gpt-ad-Responsive_TSOL_News_SP_ATF_MiniRect&s=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_AdRefresh%09div-gpt-ad-1610954210262-0&s=%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_ROS%2FResponsive_TSOL_ROS_Mid%2FResponsive_TSOL_ROS_Mid_Google_Interstitial%09gpt_unit_%2F21764785206%2FResponsive%2FResponsive_TSOL%2FResponsive_TSOL_ROS%2FResponsive_TSOL_ROS_Mid%2FResponsive_TSOL_ROS_Mid_Google_Interstitial_0&s=%2F21751243814%2C21764785206%2F358804-300-250-14%09andbeyond30014
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1adae67684f61b80a85c973cc5fa0011e1a6c1d8e8ad73cec5f48f3bad3f6a9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-adloox-pubint-version
20231209073109
date
Sat, 09 Dec 2023 11:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
80.255.7.103
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.010, ua;dur=0.038, segment_pipeline;dur=0.464, segment_ip;dur=0.007, segment_iab-valid;dur=0.021, segment_iab-spider;dur=0.921, segment_bs;dur=0.060, segment;dur=1.742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 11:26:05 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 11:26:05 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=149
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Sat, 09 Dec 2023 11:26:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093114701427381&correlator=2369817889827008&eid=31079992%2C44807746%2C44782499%2C31078978&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21751243814%3A21764785206%2C358804-300-250-14&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&didk=1585714552&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc29be629cdf5a6ba%3AT%3D1702121161%3ART%3D1702121161%3AS%3DALNI_Mb8DNDKWzQzOUSoDI_pjCTgLM3PmA&gpic=UID%3D00000d10df9401ed%3AT%3D1702121161%3ART%3D1702121161%3AS%3DALNI_MYsRgNfXHLd25g9ddujgc4Vp3cbuQ&abxe=1&dt=1702121165890&lmt=1702121165&adxs=545&adys=1387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&vis=1&psz=610x-1&msz=300x-1&fws=4&ohw=610&ga_vid=314418580.1702121160&ga_sid=1702121160&ga_hid=760402913&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YhPzO8sQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpg8_yxDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBiE_M7yxDFIAFICCGQSGQoKcHViY2lkLm9yZxjR_c7yxDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YhPzO8sQxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVJtdDZialZWZVhWVFZtRXdhVEpOTkdWSE1HbEpRVDA5SW4wPRjzhc_yxDFIAA..&dlt=1702121158670&idt=1413&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1%26hb_format_adpone%3Damp%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.00%26hb_adid_adpone%3D5409ca1f4346ecc%26hb_bidder_adpone%3Dadpone%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.00%26rtb_pb%3D0.00%26hb_adid%3D5409ca1f4346ecc%26hb_bidder%3Dadpone&cust_params=CxSegments%3D%26smg-keywords%3DTanjung%2520Malim%252CDrown%252CSabarozi%2520Mohd%2520Nor%252CPerak%252CPerak%2520Fire%2520and%2520Rescue%2520Department%252C%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D1096981%26smg-category%3Dnews%252Fnation%26amznbid%3D0%26amznp%3D0%26adl_ok%3D1&adks=4063718829&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dee9c8617500d4b9390ff31f903f210640fc7f95fa9eec97f9107dcbc3a4d59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12644
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5546 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:00 GMT
expires
Sun, 08 Dec 2024 11:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=45je3bt0v871905719&_p=1702121160337&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=314418580.1702121160&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&sid=1702121161&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&dt=Missing%20eight-year-old%20found%20drowned%20in%20Tanjung%20Malim%20%7C%20The%20Star&_s=2&tfd=9755
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1237301_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		94 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237301_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
FHxkRM1wUciM3EXZ8nE3Ns3mAoMsw4.F
date
Sat, 09 Dec 2023 11:26:06 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-216319/216320
Content-Length
216320
last-modified
Sat, 09 Dec 2023 10:54:31 GMT
server
AmazonS3
etag
"8ae7eabea182cf7955bba8bd7858e3f2"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
8PRKDU-yzzKptUaoK6rpCM0HlKQC0SAC66hglAEUgLHUC1vaCHt4eA==
pixel
googleads.g.doubleclick.net/xbbe/ Frame D446 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNXHXF0675qC79jyA3roE_CMHSmr61IwC_pE91utHzO6pobjZL9U-uIwzppyVGYyf92rg1jK3Z9LKZ8XzayvOoaE0JYU2w0jJz3v5gPlM3kC7yflELNAwfW3uMqP-h8KCZTti0AtD7rsZUadg9Dbnulbu7a5YAHedr2ycDsRl5mTseyinMA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 11:26:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5546 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5546 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnAaEKWq-JtqJOVBXV--CTUsuU_df8R1AzgTalyd9vyd5H5IREDegIIxN_N0CzNLUqA1EoTSYz2xHsW_i5S4zKtYaJ66_v4BCDneYjh1LpU_s2Bwg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5546 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:18:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5546 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
57176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame 5546 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp_8AGi0Kpnn3mydgXzd00HQfRfN5UlK_uM64_wX4lfUfhncuzw1tZlZkCS5plUytINh7CH43DeEQF6At09ANr-xUrkA
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5546 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:26:06 GMT
1237300.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237300.json?callback=jsonCallback1237300&_=1702121158889
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38762d53aae22b3a2f08ceeb9d0f037065e0f983891cc4bff51ab9cf98744922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:08 GMT
x-amz-version-id
eEnHhtjxWJXhcXFMr5_w8CyLqryBpWhg
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 08:54:19 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"77fe71d74fe7f0483f1eecf82089d3ec"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
2466
x-amz-cf-id
tC6icZ1wvM3FKpdHZIQo7n_xPUoSbK78iQR1PTo-Au_-c9MnT7yZ9A==
/
rtb-csync.smartadserver.com/redir/ Frame D446
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN3VtVFyYPU6unShsjnXIME&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN3VtVFyYPU6unShsjnXIME&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNXHXF0675qC79jyA3roE_CMHSmr61IwC_pE91utHzO6pobjZL9U-uIwzppyVGYyf92rg1jK3Z9LKZ8XzayvOoaE0JYU2w0jJz3v5gPlM3kC7yflELNAwfW3uMqP-h8KCZTti0AtD7rsZUadg9Dbnulbu7a5YAHedr2ycDsRl5mTseyinMA
Protocol
HTTP/1.1
Server
89.149.192.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN3VtVFyYPU6unShsjnXIME&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D446 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNXHXF0675qC79jyA3roE_CMHSmr61IwC_pE91utHzO6pobjZL9U-uIwzppyVGYyf92rg1jK3Z9LKZ8XzayvOoaE0JYU2w0jJz3v5gPlM3kC7yflELNAwfW3uMqP-h8KCZTti0AtD7rsZUadg9Dbnulbu7a5YAHedr2ycDsRl5mTseyinMA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
transfer-encoding
chunked
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5546 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8306242219661&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5546 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8306242219661&version=m202309260101&ct=119&x=1&cor=17191328623356610000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5546 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHZppZaKqGTLLip8BXeLnOeEUs1cI29096zZilfTyCg18lPpg2iGVnfUbVcZFs9BT9zMDywYmwjXZDpx3CqEeNW8eufQZT1tvtRpWApH3yIVP5Zg6UdNerEksXIwF-ZGmmXVvp8enpFuCEc902eqhaXSA1Zmig3idhRP7vGH5cuX3xlyx5dLjgZLff01Znaaw0Qz46&cry=1&dbm_d=AKAmf-Cj2juWiyp2NQY-p9hfc3C8bEic_lFROFpiBxjjYb8tEMJFG0hAm4wfQ0gUx1m7HCsF5COFdButn8ZwDK2_FYzoLepoJtblyCN18XyRC6dn3Qt-mAqjFS_mSEw4RiUYrOIY3W0JILyEzsneNalusyySpWsAYfaHGJsFi-d4BG5-2adw35qt9799R6B6qVNW-cE_8dLsLUtZsgPYjUO7jZrawxcLC_6R8Qo14j6lTTeR5u54OOlLxcLO6JH-GdFsug5eOYBoEmIHtS2_h1cYAJG9Xr8ZRZS-jKwfBoh4wlT8qkO9_4yNyowfvIwqTTb9EXwBw5nsWcUYqBxBjwnrP3bkalv9Q9dV9oS30k_IsSo12OdsSLmJDxRMHpRMhMbvXXlnHxdm-XCFgAp_vYYSTMUEJPNwSQKac_TZgYCB3LGO-Hba2d4dWB7zLmB7E8tOjvUlwoDnZKogIxtBtkmLkQpcslyYV2A6HtJO0vcUykoTAXbUHgMVALyb_lmXPkpAhGe5Vu08b21wicdhu7VZ_fSDkQ_WmZug8KGTifie-ZYvB9jKfkCS8vhzTSbWEee-Ui_HaYn7zR6Okpgchbv4vqq3hvhR2uZqWK9xXZD3GgY1w9orXfEPpj628cNf5EKcQfnq8RZc2srFb2eBImCW2Y8pREkcW_bwOUIgOwDPb_1laijoCaMJn2u5mVjtv5iA-UGEtI6w9KB-xVxJcuE8IKQ3Iwnd6UyrS6NwdXFKhp9kDng3pWABcsDGvh039bL4j33JCeZbDTJa0Yykyb7hrMrREFM8OPhCgCc4O753a6AUzCFeDeK3pVl2RJJz2McWbrp7CeYZUZrTadoRycXCVEEaw1BRBv0phqJDvivPNIm9Iib9L0F47wde0jHOj6aqY5OvepKLlTaVqNdtShvtoaM5tdwN_U38Jx19CWBOT2YNRvQWLxU5RPjaZx6yuVb3iydKIyc-IpvPMKdYA8K2ziFuwGuo0vxNEwn10TKwxlViFZt_fLGgiNlTZatFKgeHpeJhZhRDKyi8AirHRzSZXPcLiKDgQCz_v6cNRSc-msqw964-UwBCY7abW4nHHSCUUmnkjESw2LMe-7ycI14MkpbZ26rLyAGpo1Npv3SnObrf5_iqdMDlVXRcAtwQGM3NITRio0c4gWNQh8H7O3xlZbv5hQhicGWNEgSjMnfGwlbAo6EVzJZ-CHxjOUoH3wEabaY4pXg9nDoRKJYtnjCnUaJ5SIJMficDURhxap0NbtW0I6W1qG2o2yqJv9IPExfsGUGPjUKk2aqr_CR51rQFFfRw_JzMXWlp3wYQW7B7p2oR7EVlUOfYKfiX6Y1ewyZxsmWKLqsSKBCt7fgM2e5Ixqecqg_BT4SsHrnkQTqaNNruBFuRYNj-zJOTL_9C0hKdcvG3Ai5-d-GAmLbLcn0IgduI0SENDRuv37KbWme8gSgnGmZbhR-8vQCEcmxu_QtnTLnWwNHhv_SXlxak-hLPwMmJupHIQU-QQuWn9etlbJ5pTUhjooTJ9K6k6fyIKmrS8UDadm-eFh-SuCgZcfnbbHpGOLkXs5qM5o5pDgwYHIMPV_DWb6VJuN5ZEKI2e5yDrq87Ve0s3Z05UKq968I60CMFfZ07nH7YzlirYTm3wmJG-5O7TcXm4JYKqNKqtSJ55hRwDAyDotp-c8RbeLTwbF8a7pMo8UI7R5gbj1WJ0piwk_ntC3obV41qOwTV7beecGDTYU_P5Rs6Xvp7ztHO-Ix9AfADgZlxPkwo85ai4tTtedO84h0yBOsP70RRKUCKpgPkRbuHkUNFYqiIzAn_WnuqXNNvNTujLWxvFywRRmnFDUxqg6fD_HXyr9mREMFx_PJGWwUBLbjuuqC7TQnRsGVjSnQ5sZFpEHSbQXHp6tmY2fbj4U3E4w8IrDy3QEtFkFqvpp_2KYnv-uINzDkJlIERW3NmouRlxo2vi-9P87OFrbWY3KWPyO7rdrvt4jFLyvR6QMSvgRAGiDPjzRvIHVcOqwJWD6uLInqG1XFzclQvJc7PHNUi-wU8WE5UWVXdf0FGUvdP7Mao6xst7PzDt6uz7S55exDsJbtnpXLnQ59kQ7v75n2Gm8zU8Q2AHKkiz8TkYbNX73DJ2IFHFXgZ8Bgxe_PlrrUzQkYfFQWKDvX5z8ewcvHXo4YLsNE5HvI6v-uLtNfOGScDD1aLgR2SK5pk3BcMQkODlmlDwLaDGVjZ6QXkQMrv1YtZbaKvFQ-sAoyofWG3KwvmteZhemzJQNS40-W19fz6Lt22MLb8_33ubLM-VZwUn-0au3H98lqEDkBr0msrPH64G6FAJACxGqBsHYNE1EMADSeZ-cmlK3HZ_tTWIES3ZhtVEDa8yyWA-5qO6hJ6ApIX9T4W5heYZMruLDICkjibNY2FKXWhNBieUhSfyFD0jdbYCV00pEgrzyqocFmOjKjB5xPOg_gqR5W_-jDBFkE-7XHg_q4gZES2kDjkBDJDH26Zbtrc3jrYy3gSDfHsLbw0SqCVmPZiKOm9uj4s82XqRvZNMfjZsYKzXGx05FT6teikCeCxLy5X3tNxni2cx-M4pSQsaaByJMbz4qWjFB42s-5xu7lpW435ulRyk4kJRbJ0l1Y1TVfcTgIX6s6z4M73x1UeaIJu4O5hB8EtMBzx2JHwx3bGM0BsVdCu16RBkuyYRHTimAAFW9nlScpWBDRuqwhuS2LLdF1wD_WgvlMFXFqwiC-WEtjjbh2y0QtJttNnT5nE3_452w5LUDBIM2kCDmVTf9fuKOsfxlInM5NgNX5ycc3qlnD2JeovaK7-kpWDpOPSLR9VyItYObSrrFqH_-_a_cwYSZRftcm4XVHy4q6jkmqABMcMSEdexlWCfUdkerTrA2nzoXDZKHwue5J6y83eZzUFTnlpVBpLiI5gdfJUHUZ72ZenSW80c8vV5S_C3ht-sE4HrxSl2ynXbix4fa2r7dLRnCLCkcMbujPj9Ahx_sTNi6kVYTWSCGLo3OZLF2vy6OZBCoLm8Y4qh0McDsdBi0UeyRNBjNXiTk6NFjLQ8mZOpOk5dJYzA3xK2MuRUDjxdw1LHo2Qekdq1hxMova0Lo-47DpqtIzJIhmcNRRtofXXXKnAopriBdQtekmjjR4hDL6JadAf4hoepLXf3pMA23PVRBmiT11zuh6Ke5TgdYNuH6E16-xpQ8ZNce82wSgTAsJCjFI5arW5BGc8r9ftSfsfvyrot6rZ2vzBcRt_eIs9f5e1mRsNKviFgDSOHJ_mTzyLHzcVdEuh2tU4jTKitePGS0gRpGkMUq8Y7Olgo63KhQe2QGYuELkQgTUlrae_hIoiicCA-R7ys6fFIgFF0tcGfjg20u8VPSt5k3wXi5DPwhpHdpY7ulTFlzexoSfVCKj1zHHwmZMXZF2OKPUH94KwhlToM1UHtjBfq44ZRhwe3FChxbyv9MgW_a_ekGuAwyPSmr6cIDMW8RXZCt_ZqAJYA6qHVmL1ld-KOZhsk_9e7yOUqZ10MYtYVgl1z0qfUMlyr7oJvvesl0CukVhxtsMQHpLLv06SXK9ulyXcKytjbhHntboJ1UwGiUhvrINrgwo61eUziUkTgjLOWg52_8hQXvovzvFgkU2tF3UmlJUgJ-m81yHU2ZJoh2LAWnYdmbY5CC9pwXjvgGNZLFizuI55ZFD8-X2evr6SECPMqnu4wHH4gN0gO40gxeS9CNk47KseHDoyZULOovW2tyrCmaFfkGITyKINAEjxyAdgRVJTte-Oo2LBBruBRBlLOxsECnVRfWJM3HS8HVpFnn59oARSluvys_SBt1UXw_0WfrBnD6t89ogFiS5Vq4YY2OHzxsUsqIJVT6udaGyAhwwV4l_5tB78jTqnwiJz0LzyF-xZTIvI0DWFyymV57m_rw_WP_5P1n4Nbn2pkb-brv3-FE8YnkgZwJCEzBDdKyiXDKYUdepwZ72x4RIJusZvo6_nJFrG224Pozxd2i76B3Zb4bdAzzHgg9KRpCAkz1gerGYDlzAq6jFgS-pgc8GemhemYOsA0FxtmBSz8PVM11g3aEkbSo98GG_l_rKm7WGtuA0v8_i_WtJwxx8icPgZnKaKwzXLn7d3hpCz9LY8mODz2QJcHj6GjhiviSII6GWAl9Gn9Llmxl8TnIsyh4ucJXYDXxSZD9gitM3BrpP8nDX3fBtcKkd22zV6HyyvdhKbz2CX0e40TGnSVlZUbBxixipTAWHsJBDKVjed_JMJOl9utLGAx6oiX-RM4ccI4BeZdzoR3BGDPIXe7HSJwdUzGGbeoZq-_HlJ0_OudwlBePfHBwvMUTzEzoIVxvD20TR0tSBvLm33o9PDzFRF8Ga7UXI8anMsuzbd2n7yqxkziYtUz7vfsdTJxZEvwPICDLz2Uy--InbMU8cnJmFck-SqocwEqDN7fCMBodD-&cid=CAQSPADICaaN_tMC_IJeFj_ai5aXsqyxEUksovB_r13MmRyMJKfQbOOrI1zVsNO-_PVVhnWc4M4YHH0Ktl_sKBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=17191328623356610000&adk=4020099330&idt=123&cac=0&dtd=40
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be3c417b5bf2a8baf2ee965f317e379d9af65523cf52833326c7511f2d33d69e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39175
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5546 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Origin
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 5546 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHZppZaKqGTLLip8BXeLnOeEUs1cI29096zZilfTyCg18lPpg2iGVnfUbVcZFs9BT9zMDywYmwjXZDpx3CqEeNW8eufQZT1tvtRpWApH3yIVP5Zg6UdNerEksXIwF-ZGmmXVvp8enpFuCEc902eqhaXSA1Zmig3idhRP7vGH5cuX3xlyx5dLjgZLff01Znaaw0Qz46&cry=1&dbm_d=AKAmf-Cj2juWiyp2NQY-p9hfc3C8bEic_lFROFpiBxjjYb8tEMJFG0hAm4wfQ0gUx1m7HCsF5COFdButn8ZwDK2_FYzoLepoJtblyCN18XyRC6dn3Qt-mAqjFS_mSEw4RiUYrOIY3W0JILyEzsneNalusyySpWsAYfaHGJsFi-d4BG5-2adw35qt9799R6B6qVNW-cE_8dLsLUtZsgPYjUO7jZrawxcLC_6R8Qo14j6lTTeR5u54OOlLxcLO6JH-GdFsug5eOYBoEmIHtS2_h1cYAJG9Xr8ZRZS-jKwfBoh4wlT8qkO9_4yNyowfvIwqTTb9EXwBw5nsWcUYqBxBjwnrP3bkalv9Q9dV9oS30k_IsSo12OdsSLmJDxRMHpRMhMbvXXlnHxdm-XCFgAp_vYYSTMUEJPNwSQKac_TZgYCB3LGO-Hba2d4dWB7zLmB7E8tOjvUlwoDnZKogIxtBtkmLkQpcslyYV2A6HtJO0vcUykoTAXbUHgMVALyb_lmXPkpAhGe5Vu08b21wicdhu7VZ_fSDkQ_WmZug8KGTifie-ZYvB9jKfkCS8vhzTSbWEee-Ui_HaYn7zR6Okpgchbv4vqq3hvhR2uZqWK9xXZD3GgY1w9orXfEPpj628cNf5EKcQfnq8RZc2srFb2eBImCW2Y8pREkcW_bwOUIgOwDPb_1laijoCaMJn2u5mVjtv5iA-UGEtI6w9KB-xVxJcuE8IKQ3Iwnd6UyrS6NwdXFKhp9kDng3pWABcsDGvh039bL4j33JCeZbDTJa0Yykyb7hrMrREFM8OPhCgCc4O753a6AUzCFeDeK3pVl2RJJz2McWbrp7CeYZUZrTadoRycXCVEEaw1BRBv0phqJDvivPNIm9Iib9L0F47wde0jHOj6aqY5OvepKLlTaVqNdtShvtoaM5tdwN_U38Jx19CWBOT2YNRvQWLxU5RPjaZx6yuVb3iydKIyc-IpvPMKdYA8K2ziFuwGuo0vxNEwn10TKwxlViFZt_fLGgiNlTZatFKgeHpeJhZhRDKyi8AirHRzSZXPcLiKDgQCz_v6cNRSc-msqw964-UwBCY7abW4nHHSCUUmnkjESw2LMe-7ycI14MkpbZ26rLyAGpo1Npv3SnObrf5_iqdMDlVXRcAtwQGM3NITRio0c4gWNQh8H7O3xlZbv5hQhicGWNEgSjMnfGwlbAo6EVzJZ-CHxjOUoH3wEabaY4pXg9nDoRKJYtnjCnUaJ5SIJMficDURhxap0NbtW0I6W1qG2o2yqJv9IPExfsGUGPjUKk2aqr_CR51rQFFfRw_JzMXWlp3wYQW7B7p2oR7EVlUOfYKfiX6Y1ewyZxsmWKLqsSKBCt7fgM2e5Ixqecqg_BT4SsHrnkQTqaNNruBFuRYNj-zJOTL_9C0hKdcvG3Ai5-d-GAmLbLcn0IgduI0SENDRuv37KbWme8gSgnGmZbhR-8vQCEcmxu_QtnTLnWwNHhv_SXlxak-hLPwMmJupHIQU-QQuWn9etlbJ5pTUhjooTJ9K6k6fyIKmrS8UDadm-eFh-SuCgZcfnbbHpGOLkXs5qM5o5pDgwYHIMPV_DWb6VJuN5ZEKI2e5yDrq87Ve0s3Z05UKq968I60CMFfZ07nH7YzlirYTm3wmJG-5O7TcXm4JYKqNKqtSJ55hRwDAyDotp-c8RbeLTwbF8a7pMo8UI7R5gbj1WJ0piwk_ntC3obV41qOwTV7beecGDTYU_P5Rs6Xvp7ztHO-Ix9AfADgZlxPkwo85ai4tTtedO84h0yBOsP70RRKUCKpgPkRbuHkUNFYqiIzAn_WnuqXNNvNTujLWxvFywRRmnFDUxqg6fD_HXyr9mREMFx_PJGWwUBLbjuuqC7TQnRsGVjSnQ5sZFpEHSbQXHp6tmY2fbj4U3E4w8IrDy3QEtFkFqvpp_2KYnv-uINzDkJlIERW3NmouRlxo2vi-9P87OFrbWY3KWPyO7rdrvt4jFLyvR6QMSvgRAGiDPjzRvIHVcOqwJWD6uLInqG1XFzclQvJc7PHNUi-wU8WE5UWVXdf0FGUvdP7Mao6xst7PzDt6uz7S55exDsJbtnpXLnQ59kQ7v75n2Gm8zU8Q2AHKkiz8TkYbNX73DJ2IFHFXgZ8Bgxe_PlrrUzQkYfFQWKDvX5z8ewcvHXo4YLsNE5HvI6v-uLtNfOGScDD1aLgR2SK5pk3BcMQkODlmlDwLaDGVjZ6QXkQMrv1YtZbaKvFQ-sAoyofWG3KwvmteZhemzJQNS40-W19fz6Lt22MLb8_33ubLM-VZwUn-0au3H98lqEDkBr0msrPH64G6FAJACxGqBsHYNE1EMADSeZ-cmlK3HZ_tTWIES3ZhtVEDa8yyWA-5qO6hJ6ApIX9T4W5heYZMruLDICkjibNY2FKXWhNBieUhSfyFD0jdbYCV00pEgrzyqocFmOjKjB5xPOg_gqR5W_-jDBFkE-7XHg_q4gZES2kDjkBDJDH26Zbtrc3jrYy3gSDfHsLbw0SqCVmPZiKOm9uj4s82XqRvZNMfjZsYKzXGx05FT6teikCeCxLy5X3tNxni2cx-M4pSQsaaByJMbz4qWjFB42s-5xu7lpW435ulRyk4kJRbJ0l1Y1TVfcTgIX6s6z4M73x1UeaIJu4O5hB8EtMBzx2JHwx3bGM0BsVdCu16RBkuyYRHTimAAFW9nlScpWBDRuqwhuS2LLdF1wD_WgvlMFXFqwiC-WEtjjbh2y0QtJttNnT5nE3_452w5LUDBIM2kCDmVTf9fuKOsfxlInM5NgNX5ycc3qlnD2JeovaK7-kpWDpOPSLR9VyItYObSrrFqH_-_a_cwYSZRftcm4XVHy4q6jkmqABMcMSEdexlWCfUdkerTrA2nzoXDZKHwue5J6y83eZzUFTnlpVBpLiI5gdfJUHUZ72ZenSW80c8vV5S_C3ht-sE4HrxSl2ynXbix4fa2r7dLRnCLCkcMbujPj9Ahx_sTNi6kVYTWSCGLo3OZLF2vy6OZBCoLm8Y4qh0McDsdBi0UeyRNBjNXiTk6NFjLQ8mZOpOk5dJYzA3xK2MuRUDjxdw1LHo2Qekdq1hxMova0Lo-47DpqtIzJIhmcNRRtofXXXKnAopriBdQtekmjjR4hDL6JadAf4hoepLXf3pMA23PVRBmiT11zuh6Ke5TgdYNuH6E16-xpQ8ZNce82wSgTAsJCjFI5arW5BGc8r9ftSfsfvyrot6rZ2vzBcRt_eIs9f5e1mRsNKviFgDSOHJ_mTzyLHzcVdEuh2tU4jTKitePGS0gRpGkMUq8Y7Olgo63KhQe2QGYuELkQgTUlrae_hIoiicCA-R7ys6fFIgFF0tcGfjg20u8VPSt5k3wXi5DPwhpHdpY7ulTFlzexoSfVCKj1zHHwmZMXZF2OKPUH94KwhlToM1UHtjBfq44ZRhwe3FChxbyv9MgW_a_ekGuAwyPSmr6cIDMW8RXZCt_ZqAJYA6qHVmL1ld-KOZhsk_9e7yOUqZ10MYtYVgl1z0qfUMlyr7oJvvesl0CukVhxtsMQHpLLv06SXK9ulyXcKytjbhHntboJ1UwGiUhvrINrgwo61eUziUkTgjLOWg52_8hQXvovzvFgkU2tF3UmlJUgJ-m81yHU2ZJoh2LAWnYdmbY5CC9pwXjvgGNZLFizuI55ZFD8-X2evr6SECPMqnu4wHH4gN0gO40gxeS9CNk47KseHDoyZULOovW2tyrCmaFfkGITyKINAEjxyAdgRVJTte-Oo2LBBruBRBlLOxsECnVRfWJM3HS8HVpFnn59oARSluvys_SBt1UXw_0WfrBnD6t89ogFiS5Vq4YY2OHzxsUsqIJVT6udaGyAhwwV4l_5tB78jTqnwiJz0LzyF-xZTIvI0DWFyymV57m_rw_WP_5P1n4Nbn2pkb-brv3-FE8YnkgZwJCEzBDdKyiXDKYUdepwZ72x4RIJusZvo6_nJFrG224Pozxd2i76B3Zb4bdAzzHgg9KRpCAkz1gerGYDlzAq6jFgS-pgc8GemhemYOsA0FxtmBSz8PVM11g3aEkbSo98GG_l_rKm7WGtuA0v8_i_WtJwxx8icPgZnKaKwzXLn7d3hpCz9LY8mODz2QJcHj6GjhiviSII6GWAl9Gn9Llmxl8TnIsyh4ucJXYDXxSZD9gitM3BrpP8nDX3fBtcKkd22zV6HyyvdhKbz2CX0e40TGnSVlZUbBxixipTAWHsJBDKVjed_JMJOl9utLGAx6oiX-RM4ccI4BeZdzoR3BGDPIXe7HSJwdUzGGbeoZq-_HlJ0_OudwlBePfHBwvMUTzEzoIVxvD20TR0tSBvLm33o9PDzFRF8Ga7UXI8anMsuzbd2n7yqxkziYtUz7vfsdTJxZEvwPICDLz2Uy--InbMU8cnJmFck-SqocwEqDN7fCMBodD-&cid=CAQSPADICaaN_tMC_IJeFj_ai5aXsqyxEUksovB_r13MmRyMJKfQbOOrI1zVsNO-_PVVhnWc4M4YHH0Ktl_sKBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=17191328623356610000&adk=4020099330&idt=123&cac=0&dtd=40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
58773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:06:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 5546 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHZppZaKqGTLLip8BXeLnOeEUs1cI29096zZilfTyCg18lPpg2iGVnfUbVcZFs9BT9zMDywYmwjXZDpx3CqEeNW8eufQZT1tvtRpWApH3yIVP5Zg6UdNerEksXIwF-ZGmmXVvp8enpFuCEc902eqhaXSA1Zmig3idhRP7vGH5cuX3xlyx5dLjgZLff01Znaaw0Qz46&cry=1&dbm_d=AKAmf-Cj2juWiyp2NQY-p9hfc3C8bEic_lFROFpiBxjjYb8tEMJFG0hAm4wfQ0gUx1m7HCsF5COFdButn8ZwDK2_FYzoLepoJtblyCN18XyRC6dn3Qt-mAqjFS_mSEw4RiUYrOIY3W0JILyEzsneNalusyySpWsAYfaHGJsFi-d4BG5-2adw35qt9799R6B6qVNW-cE_8dLsLUtZsgPYjUO7jZrawxcLC_6R8Qo14j6lTTeR5u54OOlLxcLO6JH-GdFsug5eOYBoEmIHtS2_h1cYAJG9Xr8ZRZS-jKwfBoh4wlT8qkO9_4yNyowfvIwqTTb9EXwBw5nsWcUYqBxBjwnrP3bkalv9Q9dV9oS30k_IsSo12OdsSLmJDxRMHpRMhMbvXXlnHxdm-XCFgAp_vYYSTMUEJPNwSQKac_TZgYCB3LGO-Hba2d4dWB7zLmB7E8tOjvUlwoDnZKogIxtBtkmLkQpcslyYV2A6HtJO0vcUykoTAXbUHgMVALyb_lmXPkpAhGe5Vu08b21wicdhu7VZ_fSDkQ_WmZug8KGTifie-ZYvB9jKfkCS8vhzTSbWEee-Ui_HaYn7zR6Okpgchbv4vqq3hvhR2uZqWK9xXZD3GgY1w9orXfEPpj628cNf5EKcQfnq8RZc2srFb2eBImCW2Y8pREkcW_bwOUIgOwDPb_1laijoCaMJn2u5mVjtv5iA-UGEtI6w9KB-xVxJcuE8IKQ3Iwnd6UyrS6NwdXFKhp9kDng3pWABcsDGvh039bL4j33JCeZbDTJa0Yykyb7hrMrREFM8OPhCgCc4O753a6AUzCFeDeK3pVl2RJJz2McWbrp7CeYZUZrTadoRycXCVEEaw1BRBv0phqJDvivPNIm9Iib9L0F47wde0jHOj6aqY5OvepKLlTaVqNdtShvtoaM5tdwN_U38Jx19CWBOT2YNRvQWLxU5RPjaZx6yuVb3iydKIyc-IpvPMKdYA8K2ziFuwGuo0vxNEwn10TKwxlViFZt_fLGgiNlTZatFKgeHpeJhZhRDKyi8AirHRzSZXPcLiKDgQCz_v6cNRSc-msqw964-UwBCY7abW4nHHSCUUmnkjESw2LMe-7ycI14MkpbZ26rLyAGpo1Npv3SnObrf5_iqdMDlVXRcAtwQGM3NITRio0c4gWNQh8H7O3xlZbv5hQhicGWNEgSjMnfGwlbAo6EVzJZ-CHxjOUoH3wEabaY4pXg9nDoRKJYtnjCnUaJ5SIJMficDURhxap0NbtW0I6W1qG2o2yqJv9IPExfsGUGPjUKk2aqr_CR51rQFFfRw_JzMXWlp3wYQW7B7p2oR7EVlUOfYKfiX6Y1ewyZxsmWKLqsSKBCt7fgM2e5Ixqecqg_BT4SsHrnkQTqaNNruBFuRYNj-zJOTL_9C0hKdcvG3Ai5-d-GAmLbLcn0IgduI0SENDRuv37KbWme8gSgnGmZbhR-8vQCEcmxu_QtnTLnWwNHhv_SXlxak-hLPwMmJupHIQU-QQuWn9etlbJ5pTUhjooTJ9K6k6fyIKmrS8UDadm-eFh-SuCgZcfnbbHpGOLkXs5qM5o5pDgwYHIMPV_DWb6VJuN5ZEKI2e5yDrq87Ve0s3Z05UKq968I60CMFfZ07nH7YzlirYTm3wmJG-5O7TcXm4JYKqNKqtSJ55hRwDAyDotp-c8RbeLTwbF8a7pMo8UI7R5gbj1WJ0piwk_ntC3obV41qOwTV7beecGDTYU_P5Rs6Xvp7ztHO-Ix9AfADgZlxPkwo85ai4tTtedO84h0yBOsP70RRKUCKpgPkRbuHkUNFYqiIzAn_WnuqXNNvNTujLWxvFywRRmnFDUxqg6fD_HXyr9mREMFx_PJGWwUBLbjuuqC7TQnRsGVjSnQ5sZFpEHSbQXHp6tmY2fbj4U3E4w8IrDy3QEtFkFqvpp_2KYnv-uINzDkJlIERW3NmouRlxo2vi-9P87OFrbWY3KWPyO7rdrvt4jFLyvR6QMSvgRAGiDPjzRvIHVcOqwJWD6uLInqG1XFzclQvJc7PHNUi-wU8WE5UWVXdf0FGUvdP7Mao6xst7PzDt6uz7S55exDsJbtnpXLnQ59kQ7v75n2Gm8zU8Q2AHKkiz8TkYbNX73DJ2IFHFXgZ8Bgxe_PlrrUzQkYfFQWKDvX5z8ewcvHXo4YLsNE5HvI6v-uLtNfOGScDD1aLgR2SK5pk3BcMQkODlmlDwLaDGVjZ6QXkQMrv1YtZbaKvFQ-sAoyofWG3KwvmteZhemzJQNS40-W19fz6Lt22MLb8_33ubLM-VZwUn-0au3H98lqEDkBr0msrPH64G6FAJACxGqBsHYNE1EMADSeZ-cmlK3HZ_tTWIES3ZhtVEDa8yyWA-5qO6hJ6ApIX9T4W5heYZMruLDICkjibNY2FKXWhNBieUhSfyFD0jdbYCV00pEgrzyqocFmOjKjB5xPOg_gqR5W_-jDBFkE-7XHg_q4gZES2kDjkBDJDH26Zbtrc3jrYy3gSDfHsLbw0SqCVmPZiKOm9uj4s82XqRvZNMfjZsYKzXGx05FT6teikCeCxLy5X3tNxni2cx-M4pSQsaaByJMbz4qWjFB42s-5xu7lpW435ulRyk4kJRbJ0l1Y1TVfcTgIX6s6z4M73x1UeaIJu4O5hB8EtMBzx2JHwx3bGM0BsVdCu16RBkuyYRHTimAAFW9nlScpWBDRuqwhuS2LLdF1wD_WgvlMFXFqwiC-WEtjjbh2y0QtJttNnT5nE3_452w5LUDBIM2kCDmVTf9fuKOsfxlInM5NgNX5ycc3qlnD2JeovaK7-kpWDpOPSLR9VyItYObSrrFqH_-_a_cwYSZRftcm4XVHy4q6jkmqABMcMSEdexlWCfUdkerTrA2nzoXDZKHwue5J6y83eZzUFTnlpVBpLiI5gdfJUHUZ72ZenSW80c8vV5S_C3ht-sE4HrxSl2ynXbix4fa2r7dLRnCLCkcMbujPj9Ahx_sTNi6kVYTWSCGLo3OZLF2vy6OZBCoLm8Y4qh0McDsdBi0UeyRNBjNXiTk6NFjLQ8mZOpOk5dJYzA3xK2MuRUDjxdw1LHo2Qekdq1hxMova0Lo-47DpqtIzJIhmcNRRtofXXXKnAopriBdQtekmjjR4hDL6JadAf4hoepLXf3pMA23PVRBmiT11zuh6Ke5TgdYNuH6E16-xpQ8ZNce82wSgTAsJCjFI5arW5BGc8r9ftSfsfvyrot6rZ2vzBcRt_eIs9f5e1mRsNKviFgDSOHJ_mTzyLHzcVdEuh2tU4jTKitePGS0gRpGkMUq8Y7Olgo63KhQe2QGYuELkQgTUlrae_hIoiicCA-R7ys6fFIgFF0tcGfjg20u8VPSt5k3wXi5DPwhpHdpY7ulTFlzexoSfVCKj1zHHwmZMXZF2OKPUH94KwhlToM1UHtjBfq44ZRhwe3FChxbyv9MgW_a_ekGuAwyPSmr6cIDMW8RXZCt_ZqAJYA6qHVmL1ld-KOZhsk_9e7yOUqZ10MYtYVgl1z0qfUMlyr7oJvvesl0CukVhxtsMQHpLLv06SXK9ulyXcKytjbhHntboJ1UwGiUhvrINrgwo61eUziUkTgjLOWg52_8hQXvovzvFgkU2tF3UmlJUgJ-m81yHU2ZJoh2LAWnYdmbY5CC9pwXjvgGNZLFizuI55ZFD8-X2evr6SECPMqnu4wHH4gN0gO40gxeS9CNk47KseHDoyZULOovW2tyrCmaFfkGITyKINAEjxyAdgRVJTte-Oo2LBBruBRBlLOxsECnVRfWJM3HS8HVpFnn59oARSluvys_SBt1UXw_0WfrBnD6t89ogFiS5Vq4YY2OHzxsUsqIJVT6udaGyAhwwV4l_5tB78jTqnwiJz0LzyF-xZTIvI0DWFyymV57m_rw_WP_5P1n4Nbn2pkb-brv3-FE8YnkgZwJCEzBDdKyiXDKYUdepwZ72x4RIJusZvo6_nJFrG224Pozxd2i76B3Zb4bdAzzHgg9KRpCAkz1gerGYDlzAq6jFgS-pgc8GemhemYOsA0FxtmBSz8PVM11g3aEkbSo98GG_l_rKm7WGtuA0v8_i_WtJwxx8icPgZnKaKwzXLn7d3hpCz9LY8mODz2QJcHj6GjhiviSII6GWAl9Gn9Llmxl8TnIsyh4ucJXYDXxSZD9gitM3BrpP8nDX3fBtcKkd22zV6HyyvdhKbz2CX0e40TGnSVlZUbBxixipTAWHsJBDKVjed_JMJOl9utLGAx6oiX-RM4ccI4BeZdzoR3BGDPIXe7HSJwdUzGGbeoZq-_HlJ0_OudwlBePfHBwvMUTzEzoIVxvD20TR0tSBvLm33o9PDzFRF8Ga7UXI8anMsuzbd2n7yqxkziYtUz7vfsdTJxZEvwPICDLz2Uy--InbMU8cnJmFck-SqocwEqDN7fCMBodD-&cid=CAQSPADICaaN_tMC_IJeFj_ai5aXsqyxEUksovB_r13MmRyMJKfQbOOrI1zVsNO-_PVVhnWc4M4YHH0Ktl_sKBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com.my%2Fnews%2Fnation%2F2023%2F06%2F06%2Fmissing-eight-year-old-found-drowned-in-tanjung-malim&ds=l&xdt=1&iif=1&cor=17191328623356610000&adk=4020099330&idt=123&cac=0&dtd=40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
408
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 11:19:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5546 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E713 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5546 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06ed69faab74f2bffa2bd17470fab743a1694f79b9b1e7305eea1347a1dbd03d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2371 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame E713
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsBwz9brL0QA0RPIgGpHm4&google_cver=1&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18axHGoZ6Y2mr_zGQhp_eUQdYgTm58WF4sAmSyXWYcH4Sg&google_hm=MqIUKNYC2q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18axHGoZ6Y2mr_zGQhp_eUQdYgTm58WF4sAmSyXWYcH4Sg&google_hm=MqIUKNYC2qqSQ_RV5eLCNg
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ7oIsJFI8ajx5e4LIVymC62ufsRq-wam5QwoJAgLEBRRYyjWOy18axHGoZ6Y2mr_zGQhp_eUQdYgTm58WF4sAmSyXWYcH4Sg&google_hm=MqIUKNYC2qqSQ_RV5eLCNg
pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame E713 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEPp8wQeW9FFYaNHltvOnLzo&google_cver=1&google_push=AXcoOmRmkOHulwSS77Ihg16KC8tstuQrM6jbJ2PvBAJmkEX7K263iPlnHzEpXPBOBOfqLtK8ddWjGkZEgFVcDJ4JxbLJzO7wPvMzBg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRmkOHulwSS77Ihg16KC8tstuQrM6jbJ2PvBAJmkEX7K263iPlnHzEpXPBOBOfqLtK8ddWjGkZEgFVcDJ4JxbLJzO7wPvMzBg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
832ce42c2aa45b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E713
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOW3rSS0oGId_HJLa8gmAh4&google_cver=1&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycYhQVLoXMtjavID_g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72ECB1FB96AD43E48E79EE88504B02FD&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72ECB1FB96AD43E48E79EE88504B02FD&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycYhQVLoXMtjavID_g
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 11:26:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72ECB1FB96AD43E48E79EE88504B02FD&google_push=AXcoOmRskYjalhRmTsjaZgTsBHAQSeE5mPF8s0oHdHdEhZaF_y99ICNiGW22LqpVadEoCqVep971D2-0_i_AycYhQVLoXMtjavID_g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Dec 2023 11:26:06 GMT
sync
x.bidswitch.net/ Frame E713 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ4ivj-33MYA2ZvRmYETlkw&google_cver=1&google_push=AXcoOmT8i489tDY5MDrDIpB-Rpz1xeUaVdzV26JIIsDfWYyKxzfViVx_-Wt1EmaHXzATnorMAZJzbQ_47EVDbX9F0gpQ276cGWK1CQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E713
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFcFNHqP67srHPUo9WHkqGY&google_cver=1&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFs...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFcFNHqP67srHPUo9WHkqGY&google_cver=1&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7L...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI0MjkxMTk1OTI0NDAyNTc2Ng&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI0MjkxMTk1OTI0NDAyNTc2Ng&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFsM58U7ykznHUMxz2JD0l0gw
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI0MjkxMTk1OTI0NDAyNTc2Ng&google_push=AXcoOmS4hJ3gQ7PELish5aa9cxr8ZntyoWY0LaWyvAYTaGmEaAzLP9Uq2nNt-dACpyWd1KCfB7LoGyFsM58U7ykznHUMxz2JD0l0gw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame E713 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECZEP-gL5x8Rht4DNEMNnsE&google_cver=1&google_push=AXcoOmRI65GTbHOLlCXozWX6VBN15l9daDrQPInVHY4u8U21zBfV_8Xe0bGOvkBwR8R8ekuEFHfCCoy8ELd_ZYHsNx_9IpDADZVbhQ
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:06 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E713 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjU6bi5ez_iFHQdI6QXFx8&google_cver=1&google_push=AXcoOmQzCwb-EjoXlO3tdl9I4bnJvUuYyfuA_dAgeUg75Oq5MPN-mzmoJwEcQoJkGsGSXBa7OvFICuIW5D1-N-5JkPp6C77C-k2Q6Q
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 09 Dec 2023 11:26:06 GMT
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame E713 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JX7mVqC9D-buMA7GajxfeOY5DeAGmBFVwLONCLtSpP-6LvULydUIkh9bWsRUMOHS9S9aPa
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 5546 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuN9wOYon6D9PTdMwFlnU6eCeeNiLVmlmKVezUbD5liTAoE_ncMJNilaFdJaCsuvuLxbZPWxalh3lTTUrnvkwfaclUqWqW0d0jYA1XcU9LNIYsBeEUab_mHVkktJNt8Lv20qedaELs8tcHRVeaaT3HQg-dxwTYssZEMrBVm76ONQ1hU6hgX-0mtaBUHBFChZ_ewcnvMU4KgE9R9cK8GfdlSCL-9QRnvJNahgvM47ObQDmn1xS42bAIniQXD9IbKm_hMUs_0FC7sXllRHH2OsyJR3-G7lOKP7TNo2ssOOuMpyggaznDmU68CuFGddIjCCa0Q3ClL2IFePZobbCB1iB-zJjBUrbVFWt_517gp1FHP5eVc01QrR4lrQEZ23UaNxVS6JBKE1fC63e6pNgOtXVquOnx0voQVMtqu2ex9G2x9CELLWHNDTR0IzQnqNS5iwJjt0dwraajkSxOlXjrqiKC8YB8mVvB0LxD3o4rXiPJfI7ycsn0kmTz7scwM6kCzO9IZ_rM7VkWr32X21FM5Mye8V-KzaUVEWEket3gRDozrU3ikxbw2gQpzC84N4cOYGOV0kJPu-0jaZwsaMkYVTHJe0PawoALQM52iculKK6OipQRcal03M02j0s6CpdvsCgxsV5KXEJsJ-fvXRjeytQNiOT3KidkbUK_E6jFkqrrnnXwR34gFdhA1zCyGi1_XjdRyvOxUE6yrJXuBE3cIbET7Bc7OzkCA2fizzRRchbR6qpdX1XYkez8Fkmn_hdlSPLKoF0d_cUox_AoBKn8mWSFyGIOfDShGAM2S1h8153INs_p7Ld0XZFqvSiIiO4-6jLK-MRBCGgBD9axhNEGufb3rdA7-Js0RLacVJ_NIGJEApl_zSe3gNlfZdMcgOfSw9k9VBli24BzHjoa0ejKdU_f4QKuI_azj2suo3NkHOC64Q2V8DzR2j1wKx-vRprUpcfhVRdglti0xfm7DFEShAsh7OdEHPMx8Lgk5hZgz7Qu_5T_nrTsII-GDGjLfKY7vDCCY3B30eJGCQTXLXEx4bbEnJlAla6HNVltX780VPYncT3maVnb92UL2tDZ5cOIuybG_Ru_rzdkfU0_0Kx2gZ_nc4aF3oo7qu-tp9NNWqHzIGsJsYwk6_Il7_0UXEaiTfpp5kjo_AFpb1veXv3v8tAREiY3CHvbvjn5ruuCFFc6n2kEqNi4350c9lZFwk7ruxfZslqXlUBiNVslZ0zjxvEcYFFAVKk1saB6sr39VOyVT50zw-3Y0UuydT4RDURmKrU8a2W_j9JfMfBmsdrOdk0v8PtpihObKZqSkTkNZDS6hI_tBAv_uBmnbXw6xvqPhhoORIrLXwJxrpmHeOkbb9b_XOL8vjVcjLZHf1OIOYENNG4bk-bAdOuwGdU8YtghQ3HXsqmmhy4rnXw1w-y-HovfsfGbmh6NAXGHIZcLMYZ7iezebWBLzeif6U83E-OUMelGeTCy7KMWPsGOz01LYibIG2_Zm1USxVS6UkAtkE27wn7H4EK6r06H70oruzvcf_F-y2Q&sai=AMfl-YSwkf8Ifp0U_4cwUVV_aDz2IA0BeOpcCs_AKpTxKhZnZSqsTw0uJxEb72Q5eNV60fpOlzWXqdAg8Q1tf7E24YTK44D2Deg4gWZpXkAFC3iiyJJpq4C50yLryjAjUjBcNMiqp46lMWmggV1JUNAwg_5XJSw8jx_s7hZO03uIlGgPCvIOSyHUJhJ0g-Br8wSrVMrkO4eWWK_n5nmZsPFejePdZIs6GkDxtSOBwEJOGkSgoBfM6H4i5fqBMAEnuKkraKv2RGA&sig=Cg0ArKJSzHVB276pqtMHEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=61&cbvp=1&cisv=r20231206.08047&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 11:26:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
9150291078721736478
s0.2mdn.net/simgad/ Frame 5546 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9150291078721736478
Requested by
Host: 9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
URL: https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:50:26 GMT
x-content-type-options
nosniff
age
45340
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8106
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:45:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 22:50:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5546 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuN9wOYon6D9PTdMwFlnU6eCeeNiLVmlmKVezUbD5liTAoE_ncMJNilaFdJaCsuvuLxbZPWxalh3lTTUrnvkwfaclUqWqW0d0jYA1XcU9LNIYsBeEUab_mHVkktJNt8Lv20qedaELs8tcHRVeaaT3HQg-dxwTYssZEMrBVm76ONQ1hU6hgX-0mtaBUHBFChZ_ewcnvMU4KgE9R9cK8GfdlSCL-9QRnvJNahgvM47ObQDmn1xS42bAIniQXD9IbKm_hMUs_0FC7sXllRHH2OsyJR3-G7lOKP7TNo2ssOOuMpyggaznDmU68CuFGddIjCCa0Q3ClL2IFePZobbCB1iB-zJjBUrbVFWt_517gp1FHP5eVc01QrR4lrQEZ23UaNxVS6JBKE1fC63e6pNgOtXVquOnx0voQVMtqu2ex9G2x9CELLWHNDTR0IzQnqNS5iwJjt0dwraajkSxOlXjrqiKC8YB8mVvB0LxD3o4rXiPJfI7ycsn0kmTz7scwM6kCzO9IZ_rM7VkWr32X21FM5Mye8V-KzaUVEWEket3gRDozrU3ikxbw2gQpzC84N4cOYGOV0kJPu-0jaZwsaMkYVTHJe0PawoALQM52iculKK6OipQRcal03M02j0s6CpdvsCgxsV5KXEJsJ-fvXRjeytQNiOT3KidkbUK_E6jFkqrrnnXwR34gFdhA1zCyGi1_XjdRyvOxUE6yrJXuBE3cIbET7Bc7OzkCA2fizzRRchbR6qpdX1XYkez8Fkmn_hdlSPLKoF0d_cUox_AoBKn8mWSFyGIOfDShGAM2S1h8153INs_p7Ld0XZFqvSiIiO4-6jLK-MRBCGgBD9axhNEGufb3rdA7-Js0RLacVJ_NIGJEApl_zSe3gNlfZdMcgOfSw9k9VBli24BzHjoa0ejKdU_f4QKuI_azj2suo3NkHOC64Q2V8DzR2j1wKx-vRprUpcfhVRdglti0xfm7DFEShAsh7OdEHPMx8Lgk5hZgz7Qu_5T_nrTsII-GDGjLfKY7vDCCY3B30eJGCQTXLXEx4bbEnJlAla6HNVltX780VPYncT3maVnb92UL2tDZ5cOIuybG_Ru_rzdkfU0_0Kx2gZ_nc4aF3oo7qu-tp9NNWqHzIGsJsYwk6_Il7_0UXEaiTfpp5kjo_AFpb1veXv3v8tAREiY3CHvbvjn5ruuCFFc6n2kEqNi4350c9lZFwk7ruxfZslqXlUBiNVslZ0zjxvEcYFFAVKk1saB6sr39VOyVT50zw-3Y0UuydT4RDURmKrU8a2W_j9JfMfBmsdrOdk0v8PtpihObKZqSkTkNZDS6hI_tBAv_uBmnbXw6xvqPhhoORIrLXwJxrpmHeOkbb9b_XOL8vjVcjLZHf1OIOYENNG4bk-bAdOuwGdU8YtghQ3HXsqmmhy4rnXw1w-y-HovfsfGbmh6NAXGHIZcLMYZ7iezebWBLzeif6U83E-OUMelGeTCy7KMWPsGOz01LYibIG2_Zm1USxVS6UkAtkE27wn7H4EK6r06H70oruzvcf_F-y2Q&sai=AMfl-YSwkf8Ifp0U_4cwUVV_aDz2IA0BeOpcCs_AKpTxKhZnZSqsTw0uJxEb72Q5eNV60fpOlzWXqdAg8Q1tf7E24YTK44D2Deg4gWZpXkAFC3iiyJJpq4C50yLryjAjUjBcNMiqp46lMWmggV1JUNAwg_5XJSw8jx_s7hZO03uIlGgPCvIOSyHUJhJ0g-Br8wSrVMrkO4eWWK_n5nmZsPFejePdZIs6GkDxtSOBwEJOGkSgoBfM6H4i5fqBMAEnuKkraKv2RGA&sig=Cg0ArKJSzHVB276pqtMHEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=196&vt=11&dtpt=135&dett=3&cstd=194&cisv=r20231206.08047&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/641018540181893391/ Frame A2C2 		75 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
67725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20055
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:37:21 GMT
expires
Sat, 07 Dec 2024 16:37:21 GMT
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2371 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
59741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame A2C2 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 19:43:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2371 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bnqe4zk50Zc3tJP7H9u8PwrWB6AQAAAAAOAHgBAI&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfOACp3SrFl_3Y4_4xVV9P86D4SxcmytrD20gX210BsU9F6XKa2FvL7Vn7ayC0FGS1AgAAADhSAAAAAmgBB5kDZYV2QBXDSG6fxiyqC8F39-iZp42z2agO0GR_kbysf5N5iUV9HspXVo4t6Q-IlpwYWmRWiQXyGQUkij83kT5yjUynkQNsRzNE0yfMTs9s1bZdSY5Zz0D1x1y6BimcsJmuNpvKKmAp1XISVCS9bRaiXfgwhY4ml-D0OLV9QK_OZ9yTwba_PFE3Jbs7MvlbCfghz_yNLEMWD0S7sbbiuOhMVyf69l8dWj4lR77NWuGg6PYU4ey06Yn5cKff1YJfgwiG_N_NIh_fRe22SFR5OLc-lRBfVT2YLJ8RoRKTUWFkZChdLATKn7MnmX2NTWiXs8ROt8jkFfeN-bVXHd-S7lkXqYahE29j-nW4B9C8s0wq6Q1VBcaQDPzBZbsBR9GpRHR3lV-oIxgRusYrJkJoZK1Xd6dtRu2j4WgoirFT4Wf7ZrP5BbplopCZlTi-nqWjW69TjdsPQ_1O-9HfnIaGBPQ3KrtuYpDSyLXHe0mfYeC4k2oKQCYC_i6pEwjKJfJ_aB6C-pM4zt2NviSWLvz-ot__FLohT4DQ49VWqcs3nIr9S9mWzd6LJhTyMQk0LFB4pyjwiOSBrkQCysjGbxGFE1sJcQy0lt0QoGH35ZYU0b-hE2yOo5mN9sfv4iixvq0__DQvoWpII6d8EVrtN7zvU2lLXOO3RZeXL1yQmCkfSgjRHUJORhteZ1pwon774qoy89t8C_Dxdhs1gIIT66eRcMFm7NsYdqIAL9ajkixt3m87qmVd31dbsY8-njnZpWuzU9g1u5J1R24o-GGOXdaLjdvI0hDVfwNqIW6PEo5HnfoJEA5Js0eOgE3rkmn2BBd4beBgFMSyAh5RwIpW-KStZZOPYXob78R_QLsfXD0EV0qGiiBrTw8vAfRnKVapwt1l_khdZz6GEq_bXrxSnTEtj8PNqrlaUNAky_0_SFwCtWNwFgEV-FL4CSiJUvPZMXvZ8ru0-sxqeQGpFeytK2ZSZ4clbEQiQzhqQ77rwtzqdBlvLq-Tlfl1Q2MyRZBp6NqQYk5TtSANd4wRSIJAoeXkErdyt65WGlC6oeXLt3fqVmY2Xma6oMH3m6tl5vGMXc6rhdKml7lV-YFuYLclisNNRFbaBz40gtuqZTC8wXmXCN2X7h47sGd504vfLCVDZx64JUB6Q5lVXWE5
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1237300_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		94 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237300_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
zTCAFmvwF0VEf1pOWXeYmg6ZlcGNFwoN
date
Sat, 09 Dec 2023 11:26:07 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
52
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-343711/343712
Content-Length
343712
last-modified
Sat, 09 Dec 2023 08:54:19 GMT
server
AmazonS3
etag
"8fcca3b0157b00fce774e1e8de8784bf"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
hUnNwm7yQGtqpJbY9jMbJ_E2e-6eTEN0TKAg8Uuh5CcJvSXoRw8yVg==
1237299.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237299.json?callback=jsonCallback1237299&_=1702121158890
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dc02c22eb64187a6b715fd746b3a933be68d2f113c6231526b5230f53510ec5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:26:08 GMT
x-amz-version-id
Jx2BJnjHxm_9rvKE7FRts.OxZ3VfDbbi
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 08:54:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"107388c58a651dc435297fe9cec1b770"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=180
accept-ranges
bytes
content-length
2284
x-amz-cf-id
L3OHPYYA5DmodkvB-denPvKwJO5nQKzd5f1w2v1m1c700ZzeJ6PvAA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5546 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8306242219661&version=m202309260101&ct=119&x=1&cor=17191328623356610000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1237299_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 		79 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/1237299_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
E488hUAvDULna6ebLkFTvD3q.voETlPe
date
Sat, 09 Dec 2023 11:26:07 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
51
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-309535/309536
Content-Length
309536
last-modified
Sat, 09 Dec 2023 08:54:22 GMT
server
AmazonS3
etag
"dcc89d68b0213edba29b0ea49084acc4"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=180
accept-ranges
bytes
x-amz-cf-id
fLF_xkycJwXO3D-TxkjKe9jYO-G_oxFVi3yC92EVNLlxsGsUbB2DYg==
wl
t.pubmatic.com/ 		17 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161329
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161329/8028/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:26:07 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
1237292.json
cdn.thestar.com.my/Content/Text/short-with-headline/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECdVFxE1lAsnafkp96aTB0o&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
cdn.thestar.com.my
URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/1237292.json?callback=jsonCallback1237292&_=1702121158891

Verdicts & Comments Add Verdict or Comment

1108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| documentPictureInPicture function| $ function| jQuery object| IPv6 object| punycode object| SecondLevelDomains function| URI function| URITemplate function| moment function| postscribe function| Cookies function| Vue function| axios function| ResetFields function| FirefoxSearchBoxNoPadding function| EmailBoxFocused string| tsolTier01_mouseenter string| tsolTier02_mouseenter function| TSOLcarousel function| callPlayer function| GetGigyaContentCount function| parseXml function| MediaContainer4Items function| MediaContainer4Items_thumbnail_Click function| MediaContainer5Items function| MediaCarousel function| MediaCarouselNextPrevBtn function| PopulateMediaCarouselGallery function| PopulateMediaContainer5Items function| PopulateMediaContainer5ItemsOnClick function| RepopulateMediaContainer5ItemsDescription function| LatestGalleryTabbed function| ChangeCursorForLatestGalleriesTabbed function| ResetScrollPosition function| getUrlVars function| RearrangePaginationCss function| CategoryListingLeftRightButton function| MediaContainer_DynamicCaption_init function| CategoriesListing_init function| CategoriesListing_refresh function| PhotosSliderBox_init function| PhotosSliderBox_showItem function| PhotosSliderBox_nextItem function| VideoSliderBox_init function| VideoSliderBox_showItem function| VideoSliderBox_nextItem function| SectionSliderBox_init function| SectionSliderBox_showItem function| SectionSliderBox_nextItem number| min number| max function| increaseFontSize function| decreaseFontSize function| printpage function| sendemail object| AjaxComponents function| EndRequestHandler function| getIEVersion string| KICKER_FREE_MARKUP string| KICKER_PREMIUM_MARKUP string| KICKER_LOCK_MARKUP_V2 string| KICKER_LOCK_MARKUP string| KICKER_UNLOCK_MARKUP function| isThereBizPremiumSubscription function| validURL function| my_jquery object| FB object| cX function| ParselyFilterStory object| onLoadParselyFunctions object| onLoadParselyFunctionsWithList object| onLoadParselyFunctionsWithList_History_Trending boolean| isLoadParsely object| PARSELY function| ValidURL function| isValidVideoSource function| GenerateMediaTag function| GenerateMediaTagV2 function| getSrcset function| getMediaObj function| inlineImageReplacePath function| createCookie function| readCookie boolean| rmad number| viewid function| sasiajserver function| sascalcsize undefined| daxsubscriber boolean| isLogin number| tkValid string| pageType string| contentType object| tp string| client_id object| re string| userID string| sectionName object| PWT object| googletag boolean| gptRan function| loadGPT object| gptAdSlots function| trainParsely function| trainParselyStar2Stories string| IMAGE_URL object| Laravel object| __buffer object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| __twttrll object| twttr object| __twttr object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName string| key function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| ggeac object| google_tag_data object| google_js_reporting_queue function| cxCCE_callQueueExecute object| cxTest object| stockdata function| getParameterByName function| searchKeyPress function| post function| toggleDrop function| toggleSubDrop string| widgetId number| dcw number| dch string| leftPosition string| topPosition string| filename string| topicbar_html object| reqTB function| bookmarkStory function| GetCurrentSection function| GetCurrentSectionSubsection function| TryParseInt function| GetCurrentTag function| GetCurrentMeta string| strsection string| newsurl string| storynewsurl string| params undefined| tag undefined| sectionsubsection undefined| kickerUrl undefined| page_type undefined| ku undefined| keyword function| receiveMessage function| inlineNewsletter object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| email string| story_id string| story_headline string| story_link string| story_section string| feedback_key function| feedback_get function| getRecaptchaV2 function| feedback_getV2 function| feedback_reset function| feedback_toggleEmail function| expireFeedback function| setFeedback function| topImages function| generateCookie function| getTimeStamp function| digitPad number| reinitializeFlag object| trendingNews object| recommendedNews string| nav_headline_html string| nav_interact_html function| affixSetup2 function| controlShareModal function| reinitializeShareThis object| timer object| timerIncrementInt function| allDailymotionPlayersEvents function| setDailymotionDLPushValues function| setDailymotionDLPushEvent function| dailymotionDLPush function| increment object| dailymotion function| formatDate object| today string| year string| month string| day string| todaydate string| addthis_position undefined| google_measure_js_timing function| loadTrendingWidget function| titleCase object| e object| t object| o function| selectDropdown number| haze_id string| haze_title string| haze_ga_event object| haze_startDate object| haze_endDate string| haze_startDateStr string| haze_endDateStr string| haze_image_url string| haze_link_url string| haze_link_url_target string| haze_linkm_url string| haze_linkm_url_target string| haze_style_desktop string| haze_style_mobile function| getHazeGlobals function| setHazeSettings string| curUrl object| aParser string| newUrl object| listing number| per_page object| firstLimit function| titleCaseRR string| recommendedStories string| meteredSpan object| nextSet number| lastIndex function| sanitizeAuthorFunction object| ari object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater string| fbmminTime string| fbmmaxTime object| fbmlastdone number| fbmprev number| fbmlow number| fbmhigh number| fbmylow number| fbmyhigh number| fbmminval number| fbmmaxval number| gain number| lose number| unchange number| untraded number| fbmlast string| time string| bizdate number| fbmchange number| fbmpercentchange string| fbmvolume object| chart object| activeData object| sidemarket number| Brand_currentItem object| reqSP function| Brand_showItem function| Brand_nextItem undefined| scriptData undefined| scriptData2 string| currentSite string| scriptTagline string| domain object| scripts object| google_reactive_ads_global_state undefined| cXJsonpCB1 object| PianoESPConfig object| globalBarConfig function| checkSubdomain function| changeTrackingValue function| loadBar object| moreLinks object| mainLinks boolean| loadGigya boolean| loadMsg string| msgSiteName string| msgShortUrl string| msgFullUrl string| tagline number| barInterval string| signinlink string| hru function| getCook string| username string| fbusername undefined| cookies function| delete_cookie function| logout object| rangetouch function| updateRangeProgress function| replaceAll function| formatPubdate function| formatTime function| getNews function| generatePlaylist object| lazySizesConfig object| lazySizes function| isMobile string| affixElement function| affixSetup function| recaptchaReset function| reset function| contactUs function| contactUs_v2 function| showHide function| noScroll function| getUrlParameter function| decodeURIComponentSafe string| firstPath string| firstPathJstr object| firstPathJObj object| homejObj number| scrollPos boolean| slickReady number| interval function| calcMargin function| setTrackingURL function| searchAdvanceClick object| dataLayer object| _comscore function| addCookie function| checkCookie function| Anno function| AnnoButton function| userTour number| flyin_id string| flyin_title string| flyin_desc string| flyin_image_url string| flyin_pdf_url string| flyin_pdf_file_name string| flyin_download string| flyin_ga_event object| flyin_startDate object| flyin_endDate object| flyin_startDate2 object| flyin_endDate2 string| flyin_startDateStr string| flyin_endDateStr string| flyin_startDateStr2 string| flyin_endDateStr2 string| flyin_cookie_visits string| flyin_cookie_hide number| flyin_criteria_show_no number| flyin_cookie_visits_duration number| flyin_cookie_hide_duration number| flyin_cookie_close_duration number| flyin_show_form function| getflyinGlobals function| setflyinSettings function| setflyinUI function| getflyinDateStr function| SetCookieForAlertBox function| GetCookieForAlertBox function| validatePhonenumber function| gaTracking function| getLocationFromCxense function| downloadFile string| fbsrcookies number| icon_id string| icon_title string| icon_ga_event object| icon_startDate object| icon_endDate string| icon_startDateStr string| icon_endDateStr string| icon_image_url string| icon_link_url string| icon_link_url_target string| icon_linkm_url string| icon_linkm_url_target string| icon_style_desktop string| icon_style_mobile function| getIconGlobals function| setIconSettings object| queryly undefined| qscript object| smartechclient string| SmartechObject function| smartech number| google_unique_id object| gaGlobal function| inlineStoryBoxP function| inlineStoryBoxBR function| inlineStoryBox function| isEmpty function| inlineAdPaging function| inlineRectAd function| inlineAd function| mobileUnderlayAd function| balloonAd function| pagingToURL function| trackInvol function| starpicksRandom undefined| intRegex undefined| pageQueryString string| pagingcontrols string| lastPage function| trackOutboundLink object| regI object| regL object| regS object| regSw string| html number| jqInterval object| pbjs object| recaptcha object| closure_lm_519437 object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 string| linkId object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| COMSCORE object| ns_p object| google_tag_manager object| smartech_wnconfig undefined| spaData object| STAPI function| smtReloader function| fbq function| _fbq function| obApi object| recordTier function| loadActive function| loadGainer function| loadLoser object| gainerData object| loserData string| GoogleAnalyticsObject function| ga undefined| cXJsonpCB2 boolean| NCSBX string| NCSBX_UID object| NCSBX_UD undefined| cXJsonpCB3 function| apiObj function| onYouTubeIframeAPIReady object| msgData object| parselyGuid object| parselyStories number| counter object| data boolean| loading function| admiral function| 4dm1r11545242527 object| gaplugins object| gaData undefined| BOXX_CLIENT_ID object| webp_configuration object| a object| b object| c object| configuration_map number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp object| debugtest object| videocheck object| newlogictest object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult string| timezonename number| newunitcallback object| block_url object| and_geo_block number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size4684status number| size4685status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| a9slots object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs function| getQueryStringnew object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| globalinterval3 number| localandbeyond string| url1 string| country function| adloox_pubint_timeout number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval3 function| getQueryString_value number| windowwidth1 string| url22 string| urlmob1 number| globalcount number| globalinterval function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag number| current_time object| adloox_pubint object| ignore number| refreshval number| number5 object| inreademo object| inreademounit object| ube object| teadsscript object| _aps boolean| apstagLOADED object| apscustom object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| teads function| AdPlayerPro function| playerPro object| lotame_sync_16576 function| ha function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| au number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivedivgptadDesktopTSOLNewsSPMidSTO number| activedivgptadDesktopTSOLNewsSPMidSTO number| time_refreshunitdivgptadDesktopTSOLNewsSPMidSTO number| nextnumberdivgptadDesktopTSOLNewsSPMidSTO number| newflag number| diff number| flagnewone number| passivedivgptadMobileTSOLSPBTFMobileCard number| activedivgptadMobileTSOLSPBTFMobileCard number| time_refreshunitdivgptadMobileTSOLSPBTFMobileCard number| nextnumberdivgptadMobileTSOLSPBTFMobileCard number| passivedivgptadDesktopTSOLNewsSPATFMegalead number| activedivgptadDesktopTSOLNewsSPATFMegalead number| time_refreshunitdivgptadDesktopTSOLNewsSPATFMegalead number| nextnumberdivgptadDesktopTSOLNewsSPATFMegalead number| passivedivgptad16109542102620 number| activedivgptad16109542102620 number| time_refreshunitdivgptad16109542102620 number| nextnumberdivgptad16109542102620 number| passivedivgptadDesktopTSOLNewsSPMidOSV number| activedivgptadDesktopTSOLNewsSPMidOSV number| time_refreshunitdivgptadDesktopTSOLNewsSPMidOSV number| nextnumberdivgptadDesktopTSOLNewsSPMidOSV number| passivedivgptadDesktopTSOLNewsSPBTFLead number| activedivgptadDesktopTSOLNewsSPBTFLead number| time_refreshunitdivgptadDesktopTSOLNewsSPBTFLead number| nextnumberdivgptadDesktopTSOLNewsSPBTFLead number| passivedivgptadDesktopTSOLNewsSPMidSlider number| activedivgptadDesktopTSOLNewsSPMidSlider number| time_refreshunitdivgptadDesktopTSOLNewsSPMidSlider number| nextnumberdivgptadDesktopTSOLNewsSPMidSlider number| passivedivgptadResponsiveTSOLNewsSPATFRect number| activedivgptadResponsiveTSOLNewsSPATFRect number| time_refreshunitdivgptadResponsiveTSOLNewsSPATFRect number| nextnumberdivgptadResponsiveTSOLNewsSPATFRect number| passivedivgptadResponsiveTSOLNewsSPBTFRect number| activedivgptadResponsiveTSOLNewsSPBTFRect number| time_refreshunitdivgptadResponsiveTSOLNewsSPBTFRect number| nextnumberdivgptadResponsiveTSOLNewsSPBTFRect number| passivedivchart number| activedivchart number| time_refreshunitdivchart number| nextnumberdivchart number| passivedivsidemarketv2 number| activedivsidemarketv2 number| time_refreshunitdivsidemarketv2 number| nextnumberdivsidemarketv2 number| passivedivgptadResponsiveTSOLNewsSPATFMiniRect number| activedivgptadResponsiveTSOLNewsSPATFMiniRect number| time_refreshunitdivgptadResponsiveTSOLNewsSPATFMiniRect number| nextnumberdivgptadResponsiveTSOLNewsSPATFMiniRect number| d string| timezone number| current_hour2 number| hoursssss object| andbeyond30014 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar object| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val object| id1 undefined| widthidandbeyond30014 undefined| heightidandbeyond30014 string| adunit3 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond30014 string| mediaType object| sas object| apntag object| _ADAGIO object| hmscore_dtm object| splitLink number| passiveandbeyond30014 number| activeandbeyond30014 number| time_refreshunitandbeyond30014 number| nextnumberandbeyond30014 number| iframe1 string| iframeid number| flag string| temp number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp22 number| sizehp21 number| sizehp1200 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 object| safeframe undefined| width1 undefined| height1 number| videoflag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 string| context object| videocode string| idnew12 number| videounit string| contextvideounit string| size object| ONFOCUS function| jsonCallback1237299

83 Cookies

Domain/Path Name / Value
.piano.io/ Name: __cf_bm
Value: _BPdsxMxW6Z_b3rBUkWZC1Z_yWDt1NZMAEhmJVwXqrw-1702121159-0-ATHhUSPuMiuKf5Bfu2fvjBfu9STOb0OnLYrkQSb8IquRHmx0seBVdvT8NC04zmAGBc9WYdT/5WPZdj5gbrE+ch8=
www.thestar.com.my/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thestar.com.my/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWAVgCYA7AA4AnAGZ%2BUgAwA2UcP4KQAXyA
.thestar.com.my/ Name: _pcid
Value: %7B%22browserId%22%3A%22lpxyzoh4760pkq1v%22%7D
.thestar.com.my/ Name: cX_P
Value: lpxyzoh4760pkq1v
.thestar.com.my/ Name: __tbc
Value: %7Bkpex%7D-HmIGvh8zoXYMCjfh0eMBc3WVGn-U8u1qMHFv-iX79jCh9DJY-hMsJTdnOChRwqo
.thestar.com.my/ Name: __pat
Value: -28800000
.thestar.com.my/ Name: __pvi
Value: eyJpZCI6InYtbHB4eXpvaDhsc2xmd2ZwOSIsImRvbWFpbiI6Ii50aGVzdGFyLmNvbS5teSIsInRpbWUiOjE3MDIxMjExNjAyMjd9
.thestar.com.my/ Name: xbc
Value: %7Bkpex%7DTlFdthix7q565sw-BPvg2wnPMqxFoX5LmXWS0CFXQouuESQyxBfCwTNp0DjD9tKw
.thestar.com.my/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVHM6MmY0ZGI5ZmZkYWNmMjMwNDdiMWYzMDEzMzVhMzQzZGNkZTQ3OTUxMzpub19zY29yZSJdfX19
.rubiconproject.com/ Name: khaos
Value: LPXYZOX7-26-JDP8
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EggHtShVXNregNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w/FVwWd5U6J0S7bYvrXfTGq6xDN5t9kVIxHZcwQo+pXrbXZT34qquoZHDrG6etDLgSKPLRELhl3x0A+VO7RH1E0=
www.thestar.com.my/ Name: the_star_session
Value: eyJpdiI6IjJZd1wvNHFMcUxkaEZJNnRDSTZHZjJRPT0iLCJ2YWx1ZSI6InVjUmtTSWNMYUdTOUo3M2tzK0NVMmtjUzVLOEFrS2pRQzRXNmZDd2YzMXlyREFsVVQ3S2lZS3NoUFN2QVgyY0siLCJtYWMiOiI0NzZkNDZhNGU3MGFlNjY2YzViZTY1Zjc0M2JhNzk4MGJjMjg3NjM5MzNjZDMxNWM4OWFmZTA0MjQwNjYxNzE3In0%3D
.www.thestar.com.my/ Name: visited_stories
Value: ["1096981"]
sites.thestar.com.my/ Name: ASP.NET_SessionId
Value: ag50thvu0nwgtteovyxlyvac
.thestar.com.my/ Name: lotame_domain_check
Value: thestar.com.my
.doubleclick.net/ Name: IDE
Value: AHWqTUkylUKk-m0tazcfGHUmQ0T5nnDKGimLnSifa5RBU-nN-R8FTQR6Ml0yLV300MM
www.thestar.com.my/ Name: __sts
Value: eyJzaWQiOjE3MDIxMjExNjEyMDksInR4IjoxNzAyMTIxMTYxMjA5LCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy50aGVzdGFyLmNvbS5teSUyRm5ld3MlMkZuYXRpb24lMkYyMDIzJTJGMDYlMkYwNiUyRm1pc3NpbmctZWlnaHQteWVhci1vbGQtZm91bmQtZHJvd25lZC1pbi10YW5qdW5nLW1hbGltIiwicGV0IjoxNzAyMTIxMTYxMjA5LCJzZXQiOjE3MDIxMjExNjEyMDl9
www.thestar.com.my/ Name: __stp
Value: eyJ2aXNpdCI6Im5ldyIsInV1aWQiOiJjM2E5Y2U2Yi1jZDRhLTQ2YjQtOTIzZC0yNTEyYTM2ODZiMWIifQ==
.criteo.com/ Name: uid
Value: afcbf9e7-25ce-453b-9837-c239f04b3919
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 164ce7e5-4cae-4956-b48b-6338786d2220|1702121161
.thestar.com.my/ Name: _ga_3HWDM68GV8
Value: GS1.1.1702121161.1.0.1702121161.60.0.0
.cxense.com/ Name: gckp
Value: cx:chooope43lwb3p1b4rfkd2dpb:8br277t6hrot
.js.ubembed.com/ Name: __cf_bm
Value: 78.CunK1FLFz3zUY_PZUP1Wjj8XoGDAxREZx4tGxodQ-1702121161-0-AbOcGcNSRrKSCC1Oux9laU3qGgjli/TNhgZc3Tic7bxYj/zZ/DkgN3Eu+JozNDNQqfWGPx7WjpU0wHuUfHeRlQw=
.thestar.com.my/ Name: _ga
Value: GA1.3.314418580.1702121160
.thestar.com.my/ Name: _gid
Value: GA1.3.1627082617.1702121161
.thestar.com.my/ Name: _gat
Value: 1
.thestar.com.my/ Name: cto_bundle
Value: _lTjXF9kWjdsS0ZQJTJCZldkUzU0VHZpaU5NRXZhMjVTZm9RYVFIWWJJSVlpJTJGM2U0MU4lMkYxdUZmck5EMVlwOFFTSGxOa1BGekQxQkJtQ1VsaWhKYnVRZGRDc3NQTUxuRHhiVjZZeUdablJPNCUyQmY2eTZ6am9LcGx1SE52M2YxbGRiMmFHVTZkR054WWJPdm96Wkh5Vk1YMXN2eDkzQSUzRCUzRA
.thestar.com.my/ Name: _fbp
Value: fb.2.1702121161486.763849586
.thestar.com.my/ Name: cX_G
Value: cx%3Achooope43lwb3p1b4rfkd2dpb%3A8br277t6hrot
www.thestar.com.my/ Name: __stgeo
Value: IjAi
.thestar.com.my/ Name: __gads
Value: ID=c29be629cdf5a6ba:T=1702121161:RT=1702121161:S=ALNI_Mb8DNDKWzQzOUSoDI_pjCTgLM3PmA
.thestar.com.my/ Name: __gpi
Value: UID=00000d10df9401ed:T=1702121161:RT=1702121161:S=ALNI_MYsRgNfXHLd25g9ddujgc4Vp3cbuQ
.adnxs.com/ Name: uuid2
Value: 6133686526241940604
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$OuW0y=!]tbPl1M>e)ZlrFUfJ+tGXxo@XplM=A(T@)9$(px<oznUXSKUW[80Rh*O`v:3If)y3KL9D3I?+.$WrfM
.casalemedia.com/ Name: CMPS
Value: 5234
.doubleclick.net/ Name: APC
Value: AfxxVi7xCjk_iZW14BfEw5ngFW6H6HmLDmyzHRPFcJBP0Mpu8kxC8g
www.thestar.com.my/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1702121161893%7D
www.thestar.com.my/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.thestar.com.my/ Name: _sharedID
Value: 2615638e-a2c5-4ebd-93de-722c95917560
www.thestar.com.my/ Name: __stdf
Value: MA==
.doubleclick.net/ Name: ar_debug
Value: 1
.thestar.com.my/ Name: _awl
Value: 3.1702121161.5-869d2a86fca050c9d7eb5aa06d4d0080-6763652d6575726f70652d7765737431-0
.casalemedia.com/ Name: CMID
Value: ZXROyWLe7vYkmxV5Ue5lWAAA
.casalemedia.com/ Name: CMPRO
Value: 2139
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 486159240f36c2cc
.quantserve.com/ Name: d
Value: EH0BCQHPKoEA
.quantserve.com/ Name: mc
Value: 65744eca-2f78a-6ee6b-6a491
.csync.loopme.me/ Name: viewer_token
Value: 38b18850-85f3-4474-9417-875c5235f4e0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2bf5bc9b-4913-4467-aa11-f2ddb0e4c318-003%22%7D
www.thestar.com.my/ Name: _lr_retry_request
Value: true
www.thestar.com.my/ Name: _lr_env_src_ats
Value: false
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2bf5bc9b-4913-4467-aa11-f2ddb0e4c318-003%22%7D
.turn.com/ Name: uid
Value: 3247155204974292442
www.thestar.com.my/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-09T11%3A26%3A02%22%7D
.ctnsnet.com/ Name: gid_CAESEDUx0NE1-GXIUZr7Z4hx_AA
Value: 1
.ctnsnet.com/ Name: cid_a01651de97d045dc9dd6088f336dbe0b
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7310554724631705744
.w55c.net/ Name: wfivefivec
Value: WKiFc2GN1RbVt85
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXROygAFouoPcABU
www.thestar.com.my/ Name: ucf_uid
Value: fbaee504-3514-4eb1-b27a-28bc75e3b95e
.retailads.net/ Name: ppb2172
Value: 3372964496
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 1_1702121162_1702121162
.futalis.de/ Name: raSIDb
Value: 3372964496
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1702121162905,"clickCookie":false}}
.3lift.com/ Name: tluid
Value: 1035243272295754154241
.lijit.com/ Name: ljt_reader
Value: HyrutGZH2CwK9cDzR5O9i5IZ
.awin1.com/ Name: awpv11601
Value: 113440|1702121162|bc4d1890-9685-11ee-9488-2234841a3abe
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.de17a.com/ Name: guid
Value: 1.4233387576558286654
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: fe34081e-385a-5357-b71f-d7bdd26b9976
.betweendigital.com/ Name: ut
Value: ZXROywAAQmjB-j5zbwtqt8CEZqN0p-asztTFiw==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 72ECB1FB96AD43E48E79EE88504B02FD
.adform.net/ Name: uid
Value: 6242911959244025766
.tribalfusion.com/ Name: ANON_ID
Value: aXnvvvOZb3VgUEjUAufyprYimtZdajbZc9nJogAEa5kjtw9UfZbaGP4UJ0vH9GNElg8metaaUlFpiQyETQyCRDkCbi9SCYebJjNEZaJY03lZcrnQv8RvQY

8 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://connect.facebook.net/signals/config/1133176620062218?v=2.9.138&r=stable&domain=www.thestar.com.my(Line 132)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECdVFxE1lAsnafkp96aTB0o&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thestar.com.my/news/nation/2023/06/06/missing-eight-year-old-found-drowned-in-tanjung-malim
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52a360d4000447a08efd7617080680a9.js.ubembed.com
5994599.fls.doubleclick.net
9f1a68c00bac53f4893f5a36e6c0d645.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
amplify.outbrain.com
analytics.webgains.io
aniview-diag-server.1rx.io
ap.lijit.com
api.cxense.com
api.rlcdn.com
api.webgains.io
apicms.thestar.com.my
assets.ubembed.com
bab501f6df12691399357203768b8482.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bidder.criteo.com
buttons-config.sharethis.com
buy-ap.piano.io
c.amazon-adsystem.com
c1.adform.net
c2-ap.piano.io
cdn.cxense.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.retailads.net
cdn.thestar.com.my
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cdnt.netcoresmartech.com
cm.g.doubleclick.net
cms.quantserve.com
code.piano.io
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dtm-drcn.platform.hicloud.com
eb2.3lift.com
eus.rubiconproject.com
experience-ap.piano.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900016.redintelligence.net
hal900019.redintelligence.net
hal900029.redintelligence.net
handyfireman.com
hb.aralego.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
images.outbrainimg.com
j93557g.com
js.boxx.ai
l.sharethis.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
medialead.de
mp.4dex.io
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
osjs.netcoresmartech.com
p.adlooxtracking.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
platform.twitter.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg-apac.smartadserver.com
psegment.netcoresmartech.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adpone.com
rtb.adxpremium.services
rtb.openx.net
rtbdemand.apiip.net
rtbpass-us.andbeyond.media
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-1.amazonaws.com
s3.ap-southeast-1.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serving.stat-rock.com
shb.richaudience.com
sites.thestar.com.my
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
starmediagroup-d.openx.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.pubmatic.com
t.teads.tv
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track.webgains.com
tw.netcore.co.in
twa.netcoresmartech.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ut.pubmatic.com
video.unrulymedia.com
wave.outbrain.com
widget-pixels.outbrain.com
widgets.outbrain.com
wrappers.geoedge.be
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.queryly.com
www.thestar.com.my
x.bidswitch.net
api.rlcdn.com
cdn.thestar.com.my
hbopenbid.pubmatic.com
prebid.smilewanted.com
sync.search.spotxchange.com
104.244.42.136
104.64.162.56
108.138.26.16
13.228.188.75
13.32.27.80
13.42.211.181
138.201.220.30
138.201.63.145
138.201.63.157
141.95.98.65
142.250.181.230
142.250.185.194
142.250.185.66
144.76.128.227
146.75.118.132
147.75.84.158
151.101.2.49
151.101.3.52
162.19.138.82
167.233.14.134
167.235.124.23
167.235.124.59
172.240.127.131
172.64.151.101
178.250.1.9
18.173.233.11
18.194.200.250
18.238.243.65
18.239.50.87
18.65.39.29
18.66.147.98
18.66.248.40
18.66.97.44
184.30.211.26
185.106.140.18
185.64.189.112
185.64.190.82
192.96.203.13
198.47.127.19
199.127.206.103
2.18.161.178
2.18.161.51
2.19.105.180
2.19.217.101
2.19.217.60
2001:4860:4802:34::36
213.155.156.182
216.52.2.48
216.58.206.38
23.35.237.86
23.56.205.163
23.88.17.186
2407:c080:1400:32:bfa9:8b32:ac66:a3f
2600:1901:0:328a::1
2600:1901:0:7a38::1
2600:9000:206f:1000:c:abe:f440:93a1
2600:9000:20b4:f200:9:a948:8e80:93a1
2600:9000:211e:a400:1c:47d:4bc0:93a1
2600:9000:211e:aa00:1b:5138:8a40:93a1
2600:9000:2156:4c00:1d:85c3:6640:93a1
2600:9000:236e:7c00:2:d490:4d80:93a1
2600:9000:238d:600:8:48e:53c0:93a1
2600:9000:2447:200:a:e047:753:a221
2602:803:c003:200::31
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:20::681a:8a9
2606:4700:20::681a:a19
2606:4700:20::ac43:497c
2606:4700:4400::6812:22b2
2606:4700:4400::ac40:915f
2606:4700:4400::ac40:944b
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6811:c276
2606:4700::6811:c376
2606:4700::6812:18ad
2607:4f00:932::2
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:400c:c07::9b
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:12::1730:17bd
2a02:26f0:ab00:3b7::268b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
2a0b:4d07:102::1
3.10.29.13
3.121.91.255
3.124.69.248
3.33.220.150
3.7.132.159
3.71.149.231
34.102.146.192
34.107.231.31
34.120.135.53
34.120.63.153
34.91.62.186
34.98.64.218
35.156.170.234
35.186.193.173
35.214.237.47
35.227.252.103
35.244.159.8
37.157.2.229
37.252.171.149
46.228.164.11
46.228.174.117
51.89.9.252
52.19.8.73
52.219.164.10
52.219.164.46
52.222.208.154
52.29.13.21
54.170.64.73
54.74.86.123
64.202.112.223
64.202.112.255
65.1.255.177
65.9.66.68
69.173.144.138
69.173.144.165
76.223.111.18
78.46.90.238
81.17.55.171
81.17.55.99
85.114.159.118
88.99.219.174
89.149.192.200
91.121.248.44
94.23.99.218
95.101.54.219
98.98.134.242
99.86.4.128
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
022cf9f17fa8a7248c3a96ca624b9fd44b79d551d1fe29ff147972992122f600
0288f678cb4b106fe1b4872d6dee03f00c0a0375396e730c60637b3b1b2021d6
02a72617250298397a470d0c8d32340bc6deb9e6aa0db71d49707ad843f80385
03afe509da9a7e849c45b82beaf04bae7ac99b794cd7adf0cba6edb08bae560a
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
042f46e36ec4ac2584ebd5c3c6a224ff18cd421131d12f3ee809669fa8920f2f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012
06ed69faab74f2bffa2bd17470fab743a1694f79b9b1e7305eea1347a1dbd03d
0701e9f05edf152bab068b3eb3281be764e22211ca0b00e03db395e7a950ad31
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097
09f8442a60f280f11a578f269405d5f689ed12d11aee1114e419294becaa9bf3
0aa40187e08a333cf7980e217d1017a177fd78c44d2c9e0b0eb18f99d9e8b3d7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cc774c9edcfacef32f5d7401c7e74d7e601de7e6a977a0a8d0b1667341cc62d
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d9b4ac7b1855bc47c1b3b1e722019842855c7650099d67c8e22b42bf9438dd9
0e357163c958601d3eaf9f86dd641ab5c929651c8a01ef07337c5150d1f04ca2
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f37932f9105534a82b2453b091fa3b4108e51b36ec10155f739bcd28dd3d560
1155bdcf9804f2fa5b574ddfa09254f965a466aa44c36ca41d6f06eae112cb87
115f9d144a27c6a1a0ee876f4ca11753262055969064546b59521df99f3e4af5
122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682
12359b4cb466b938c55c7979fc0eda154d76e5a3db251f57149e7f94878f7bb0
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12bb00e6b04d311f0b2ea2863a7e609d9e00a9086cda7aafaffb9476482ccefb
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
137223d76a578f02a067309c87951c1677743fe95382f3de068dfa3cc3210541
1413017f0d6d89166aae58601449b6cf4940f7a2e45737a6eb276e1dadbdcae0
1456bdd3d37d926030482e7920278f4b4ca1b9f8c2f5fed6799d2fc7f0203ec4
14b143f3462fb0d2d1f0dc02504ff7863478378ba065c9774d71bce1a6e13d01
14f0955afaf4ebf9814be6d3c0599f10bc0bd6ed5b6ed865fb2eb2d3b1c3a3e4
150403ca9f6a4f6f1268f7206e37350be617bd8f7db2b38299e5df70e2788318
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
1669962b89ccf058e0eb82e6f67d0669e752f354bac84ebd7047e3e95bafbc99
16a1c7560ea27c2da69f25d6c30363806470f4fbd0be481d9e8fe3f10d9dbf92
184a13e455a99a788c6d1547a02129587ae863f16527166867491ea8df10e9e3
188ff1b5a8cae968c82e96089b88544f7211f04deff148ed6e2f6e4c84a770d2
1918ced52843a1d4fa5c3c08e8481356c0656e7b45dd56c6162016bcc636ed1a
19c2e4de8b00ce28b63ef23eab8660544e7c48767f42bbf1804a17f04c074388
1acaabe5be0185da9c2db5d9983799af7eb7a43bdb2229db6a96342375e0d18b
1adae67684f61b80a85c973cc5fa0011e1a6c1d8e8ad73cec5f48f3bad3f6a9f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb94b65201dd8134b73250cc2bf2da0bf7c29a899cb9bcf7caf276d3629ea6e
1c994adf0acfb8d95423531152c6b1f96f71d2963679c161800528d6639be4ba
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d94246439aea5d839246c83b19193eef08c7d16421592c0f1e7b43d52ba96d2
1da178c0420e655510bffba588ed8612fc7f8cc9e3b072f364d27acd1b75f3c5
1f33759d43473b42f60fbbd9996be3cbd9d0799f4483a557bbba78acec2776f6
20b9a55de8622faab2dc2141996d4e289ec1283a6744c5bda985a37488c9b1e3
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
218e455917fdae0bfc7b210a870ebae55d8c3da1edab012673d32520db042614
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
22c2d89e2982127b2700361789cb945cf54cd8503e7d2a0e7589de6bb7bf2e56
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
248bb9dea8346c4869daaabeffd4fdb2ea4caeb96e2559e7e222e93cb0d8308c
249491720598f893eed99f05872f325bf73976054034f2ef607a6456f8b00e0a
25ddd86f5287d140be6921358b86bc0577b4e434dc0c92adf5537b07f8a7692a
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e
271be90abe9cb3ee54d010346bbbe0d80b903ebec3a6c8cd9cfd1404370d8377
2756b891d33e886ccc38a154b38b398dc1df2947df67be65d2c5d84bce847d2d
27af09a899ca656ce17c939c4b9e3d6c5945a7a710929eb7547bdb96707fa4d3
29e8cfd1bdf4a010f1f5c9212a0374c2fcd1bcdba402ae0c28755e65ddbbbaa8
2a59d995aadab3fc7910a394622c3ea6f99bd0f8dcd3db076912bed68430ee27
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5
2bdbf2d6943354d1abea6da66f5b744c4963faf9aea776430aa5cda9ef317479
2c5829f79a7576da3305c2251341a0a8d9c59fa2f90fa4b0d5f19c0bf3754f3d
2c6d547393eef26e0d42f8dfede54cfc7b634de58b2259291927aad6b48ecfd6
2cb69794f9c7e24527a5cd6492c800d87dbdda6b810631c56e98470561c8e0e0
2df7b1d39013aaac880a63c43090f57e38890252a2f4522f404f048265272fb0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e424ed2758c2f79068cf7bc06202ce46309fe9f9b626604f4965306c77322a2
2eb3b837a4e3ecb73de5a872cdc5cf0516b47aa991519e92acebe6c178b23316
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f1c73ffe52b5bf0ccb4db82b1924b3c38b8d772e8e8dd064f1bb7a708844800
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
312ccabde69942b8c1f22893e7a20c9fa6e7af20a95903a8034f19e7b4dddea6
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
316344e85419e921d1f7f7f5e846f8081e17b2da631e24ee1a9dba4d544fddb1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
335412f0cb48f047596da19fa24728986c4e56463e93ba7c2e889cfb388101ef
353fe3f27aa022027a4b949939daa2524cca1628999b7abb9077854234650ba3
3578093060c5409d7b348955ddce60be997817f7bcdc3878e3b8bd90eb0ec8c4
35f9138b6452c07b1abc31ab32e0a7a1edc2a4bc7aab40a08ae7dac413689c2f
362a427be5650fe06b6226baa3a95bacf5288caaccf9bb64922babb96b363c85
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3
38762d53aae22b3a2f08ceeb9d0f037065e0f983891cc4bff51ab9cf98744922
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
390abebd52562ff0047c4ac169179646a2309a2e2f8e35248dd7c4093d193f15
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
39477fada301dc22fc1eeee8463f43f4385f54c0c87cebef6c7e0d90efc642cb
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e
3dc02c22eb64187a6b715fd746b3a933be68d2f113c6231526b5230f53510ec5
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e93221c25958e1acf1d854f31b720dbf48a849faab21619c41758c69c6d529d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42d0ad5d7152807e1f836083fd15e5bc3bc407f8cbf0b41ba55b8ce1aa0c6184
42f7b814f7b7dcc8717a48eeffdd2233925f658e1376ef1273db1f9884c1284e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4368d7f6a28d98ebd26e392505e54811e2038e5d68238f64ea0a30c3000e521a
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
4386c7d36c2e81e3f6948e27c554656193263a2b0c099b3a6721103cc3ad4a3e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451fd516e30a2c9f8540ea8147bf0562674750839aa967147189fa7d3cae22c0
452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
4593696ec37cc5a9a49fe37b889c46daea4fce218b141cb2af823ee7f8ba9846
45c94097c497b0b0ff39e80e87f9dd25ea631a21343bc86a9c40ca53598341dd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a69107e68b57d91be4da3e292551fa402d8d84562bc33d36bbd4dfe7b423f7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c
4c50901e75a6376f3c036099f4639a0702a32192ccb8da48c3a0dd6a8f52050b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e79352e79d15fa89b1ca66f93800184d3b62dded585278eaecdb4bbf0edd0fe
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43
581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58331bbd46c0b477fc7324175af41a72a49e15d5dc60e815981749c39fd79702
595f0e40435a963cda716215b98d59008c9c7f74cdbf116169fde0380762da3e
59cbd2fd934701c9504cd5c9a18506773815e08f298e2e78de01ec64c05cb4ca
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa400662daa8831c312bdcc8228952c2ff390a75b2f80a2a262febaf9633637
5b1298e8d09ad2de52e84220decfc0ef0d0c0d69fa11798755d4ea396160374c
5b251e5457f29de3c66fb4d422ec34b202cdc66eff6f3f737214f5bc44b01ad8
5bb52c768186fadaaceb1810af4c58a5b7f5de7a6ebb64f535de048dd675d1ce
5d19f62a8f64b8ab0fa127a84f36681bafa4a6264dd014c09b6177ed2ef06032
5e16f94c38a707a318f9de7229ab12619d5958e6bb364b21a9699dd7a72f5bea
5f3df4aa86a79ad70161202fade6960085bb2731db8c37f26a04a14a3b7d0fe3
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60eb5417393d93d3cd0afd72343d724951e770b5f8c24da32bb3d2fb0b4d2ddc
6187259b2b1bee37922048756e7c179349f7f665749c40a28eb69dd83cd9a7ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d0e86849b6dabf198e30c022f56b838137807ac8429f6caf0a9bd844cfa126
626a24372e4fe54205b8ad51145448f27e81c823e782b719f3bc5e553fc7dbe1
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
648493be4530b2bbb9b69d7f52ceb89a75c0405e3d9da1021049e5fb570841d0
64cdddb35db99e4199b6d4148c877312459b50ef411c39dfaacbba8c7b038c2f
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65fd53bb4153b7a9cb0493d3ef4b83dfc325e153511d6909a20a6ffe0ac41bde
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ae9f9772b0c423b8e264672ab21c6f1cf50fa86120dbfc15b209e1e24962d8
6705ff4c9bd021bce7409942b5a6f4053a752226380d67e4517149d20e5df67f
675a1658af69c591b6e7cc8ad8ba51d5f06327e92d189a24fc47229f5c333794
682dba44c5ce490546c57b50fd2946e1128db030c6500e12fe02f188d39f4ada
69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf
6a2a4f86cf887da445816c0714592ee202d0e6734e91d016d75f81ef6841a51e
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b2c0adfcb92a165063af32663ae95ab97f57b1df2f65f8243cb2efef974d74b
6b42481fd1b1a77daf67c734ab572220417feb677c4321545143ae5d778bdc05
6b835bfa34f98220c71632b94ceace40a3d314f0b4c63a24ed3158ab80ff198f
6bd9dea55a6fba631c02790548f2b57fe1505c1250847ce76be6ae3fbf8ea04d
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa
6df2b3acd9ea4840aae415eff31d7504ffd5cd1735b8cbc0cd7ffc3b3429bbda
6e105beb35f91a8d5074e5e1c4d2fcc4ddf3daf438fea68f2157d1caa0fe08bd
6e7ef89237ba26d4af60b5031a1fec987881aa9083556676c6f0be8b293df2bc
6f2d79e83c8e873bf5c9ca48819c3bf85ac03659ab34764ca0857c60e0b23e27
6fb2deaab00ac14984e92854f63bc21df6a8c092cde85a090949500a90fba61b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70c47e8d4b9ff920fb9b78fe5e5c2a0a0e363c678fccf80e6b40bde330ba8c19
70e804717bd73d9ae92aca06f4da252723749779682ccc19de3f1319cda73649
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73cb9e5cd7bbcd284f97701fb1706de9527e061ea543f535266bdfafab259f3a
73eaef684ed4118dad4828f6c72ab096d28e9f4629540ef0f0695e0bed57c854
7523c7b37ea5a51673506957c34a31fd66a7efdf842ff6a2b06e8c5920fbd339
75d7f58a2623ddffb3e61d43684def895e48be7b39530028c7003b00a587669a
75f1f833dfea6edbfd268f196ad40df5563b22346164d520b92afb04a0aa2819
7617fb081b55e9ba85d27ea9fcd122b9d8c86c95d99bc03e945d75a4f0e11b29
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ad0e3d81d44aad912b8dd9a1aa81a76e1c5c501ca3a6aba6d7bc520f42240c
76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78f1581609fd1174b0086ef6cd15e107451c0e86838772a815b7b347baf313f2
79c97d4c0c9a85281c12061d93149696a76eeffdcc1de3475c5c1bfdffb7beb9
79cb6caab9e38d348251a2dfbec1f7c33af1f0ba4fa5e90c72ea834f62db1449
7a2a885ced31775688b02c8e38311884e2894c8d4b65aa5d23d7c7b879a371b4
7adfb3a5ac5c8bfa34e7152e548f63987ab21c5a10357656c7484d3eb6415875
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b5dd65324ee996ea3ffc3fd98721f3d64b05460ba1f24cb4749b7d36f932ff4
7b9fb3e288402ee374a562627d2690a7c921eb7eec582caba1a5c8a2b42c3e9c
7c0fa1a90db008638030cecbd7343b2ae871027d7bf6b65c5dfce5c7e7a5bf2b
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d
7ded987bd18e1d6b24d72a86457b9d30ab0af4ed0bd3720ab448da2bdd1811ab
7df08ea48bfba8931db949e335892074fbb5c5f947c4b9d7a2cf84174ca78019
7e0a58c4980f60f2469c0348e4c523bf76b97d8443191e14dfffbd5dd79954a7
7e70bd9071c2350f81142190c4d941172ac234d48aeae57fd5394b25a0540906
806c88af81e15f8784ad926cf7586b0572370fc5d5a624c94cd381c3517ab860
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
81c17359388a080b3d5f5c41058197e6cb6e6e78c253c5960397e36bca1546d7
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8221ceca59482880db172a9978526d9dd2a894a8c918232d4ddfe8989892495b
824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82e3d92275a73b7d10f1b1db5a8d1b372f9bef00af3116b07c64b355fbba6779
839891fc3b87451fb81530b4e017cc54e7c87ec5cfc60808ab178e040856419e
83d4d300e3f0d88d13709ae92a55f60c9925270b1c9858d2d69c088c32b26e67
83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de
8793f6901ffc7685131ca9785224c01c76993037717f9277ea8c8e0027d9f0cc
87b589af4850ab6c0c81671544aaf2b38d790904090f1c3d26a08f58cb5d8bdd
88b4299cf14bacbfec3ff53fc588f47bf703e1adab3302b3822c139141103e43
897450037ce1ef8bb14698899252781c6e1da003dfa1deea3484c395a9bb89be
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae2065b0d7c4d9a6bb8155e41e426173f687c215e00690c4aea5d03e88d74c9
8b89b9399e766fcf3502d08d89bbc6c538c646aa9ac2f01d373a2681fc86dbb2
8be46074a07e5af5816593d2871cb2962b479dda3c380270ec83da5cd218340b
8c2af0870755a93b94d5183e842e549d77b7d8260f05e661791b0c0eee16ed08
8cc16df9139267030b4faab035b18687532f0534b2bd244357cdc92ade62c7d8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d795b44603ae31eb52eaa58166b817c507c44f8f4490de5d31efe682fc3a7d0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7
91021483719d4c5d07ae21f70854246ba3ac3ba28e76445a97481a9e1b752820
913995d0cbca6446ed962cae88e3792d7ee9c9ff7fef4bd7e6989096dfa0ad09
917ebb454a1a2285d716e780e148b4ec57dfb129aca81c53b3be1449b4126135
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92f00a1c0734c67739a4e622b69795cbcee6c758bbeea36ebfb2cd80be015819
957b8cc149d4eca50ea904d18ed8197ad23a57d304a5e52f349b0549cac9000f
975c6d207d24733521200f00e168914599d4cf2984aac9be008e0ee15246a44a
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa20b07db5add4c0698a3434b2cca0ae81a65db16bc91dc3ee10969ddf160b8
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5
9af81eb9abc896884c3bab25d37d1c26548c23ea2541aa10a4871d4b88003941
9b27c44f08b7a1ce81289c9ba4d166a60c76c64d8ac6fc961f7dac6ec6fd8630
9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778
9b779b6ec8f65e4ef57ffdd3134e505293b36a334ba437cb641de413cef5f9cc
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9caac2c9fdc1c8e68db3a0fe848f0d1c01b1aae34ee7816f0bd87a816d18086b
9d263f2a73e26d3004188d11d4938f975122eceb417e553a495061b4bd16a253
9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36
9e9a0fee08f54a7955afc0f906fdbfca87e2d33860d26a713bf052bc185588f0
9f684d1033bd9fdcfffe601e3ef557d9b99589ad4716a235c5bddba5b94336dd
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16ac46fc3abe5319836a82f071c446625fcd99fe6d5d8b8478a7256c8adeba7
a375ef092ed0d7aaad2404496dcabd82434f6b50428261da9fc0d4f1cdd6cfe2
a43a38a9708da7a2593251425f3d4726934cc50f4d2ce4dcc80e3248f9d97fce
a4fc3dce86fba846311e8755f83c33672079be00a4cb0832577439cda7a157e0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a
a6bf86ff6adbe72061a78f68d0f50b7ad45336a7735f4636c7a7edfb290bf9ec
a8c04b0f8aba9e4078696e0348bfb764a749e71cb2d972e5bb677fe5cc1454af
a8e86f309d0791ee9dcc669ba6aadb4cb0bfa058f08cef374953f59fbf417544
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9a999669a2499a99c4b220028e73b054d77f8dc3d08c53dd744815b48d07510
aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d
ab3dbdd8bb66946defe69c15231c6897a864e51346d9640fba4f797a89a8df49
ab70c1e2bd9c3150679be978f9b9064d835f6f6a1ace889f26b3e60177f7124b
abcee800eebf2fc13b790c53a48b1efc0dfc74f740c528e05a91004ecf56819c
abe6cb4063ba725e85046eb897827e93f7fdc9d9343e10f49118aaf06b9aad7f
abf38237f2fa5445aa0ee0104d11b861f15dc994a35f3dbd52da71f7a6f810bb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1df901a1b50f6538d1c48215111f183cbab5115f12df92fa30d320befb83d7
b0ef848994dccebae5e70d0f00a93707f3cec14ae5116baf48b653271e3376d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18a225c02759c63a0a9379807d338057f93f046eade73da500b100d1d9fc095
b2136077a84c6d45c78285bcaa88b35ebbc711993f2673d1bac2dacb9346efac
b2e0355daba5ba9cd556dd5043a5b03cc25b48dc4ad1ea7cb4c6db84fda840a4
b30910deca4b261b30732f807a9b6f3a9e6f2173abccc1c9becde7a220e75563
b3879c31141ece6c5af7025b66678e73d4e1a843544ac4056891bfb7eab8f002
b3fe74a112c606218694acf5278e971152df1821b8fe6e44e28f96f9ed7e8119
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b67ff367a760584c24979455c2164a16189fb9eda3be40564caa3ec93b71ef49
b6c3fe4eb16ab36b205a7e57623ae8eea64a4ea3c1e26472134787be016d0988
b6d79e687de2b0dc3148da07b8b29e42ddd99288f7b483b31b0c5fee8be74652
b6dc41bc6587c9140b8e74ad8f787c811fe9b6b69803377aa894129308f465fe
b6e7cd65869288e9dc4dfc94c969ecf381b4d97a3409cebadfaf489059a80ad7
b7ae72277f1c817c9a41284a9194a09b12662ef82632086e01dd94a0b75fea79
b844668eae3ecf38e5f9c9d017097201e736423812ad480abe6e5f3ef1fc8677
b99336c49d0d9f2b7ed9977adff50e5b91a968e626268d2198a5b33d493486a5
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
ba3413e334fad2fba09a65df41e90726442670d3348d386a906b575bc6ac9665
baccfcc115eb2fce7a1200e3b0295ac98655d6e3d6a204e0c32c4682f5ba318f
bb3fb357d0db0e65d816f0aead6bef0837ba86b4c08e06fa9d06f2b46a3dc3f8
bbe895947fab0f1d3e4160125ab09ee58270645a54ffe651810e7517442b36e0
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bcdebcd677862655ebcd7bc97555bd789479cc78cf70b3eaa58b7e318481ff86
be3c417b5bf2a8baf2ee965f317e379d9af65523cf52833326c7511f2d33d69e
be89cc9c0ee2479c37973581f1b4cb87bf07ad2d1a7e432b2facebc95a2bf236
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c037c232a72e0a842cd04e56623c0bfe1f9e6db99fd4746ff99b08191ab0b538
c04e29187ead1e2c0bd794a031df7d7140d5d0225aeab6e6d561e64cbc426b66
c04eb02f7a219e6b6c83b3aa70677db68a7a17468ed84d79c359880de5521c26
c07acb5e3697e5c8adff265f7063cc2eae97a0e7ab0355d8f8b96e53acf24d41
c0bcec8e35eb4ecb4cfdd29acb48ec3038bb16c1ddf18fa54d6b7a341e4f2c19
c105a539c7233dbbdcf7595ca0e4b8fc0bb16f886c28ad11dec1873b9914e99c
c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc
c1bcd63cdb7dd95048eac4505aadee6b6dfe2d37f5c6d71d530d7534310ecb00
c1f563729dcd48196d5a1e124d13db072038bc8d27e32d101639b4f27c917b90
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b6054c22faa31108d53afd6f792bb26e34877a1cf53a4719590e2f255a522e
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c542d4ab7544a03161ea92651b7b45b2ee4f1c22642e7a7d266550c155e48f84
c5b7b80776d33c1e116616b6500b433a85b7347e7a7cc83be55955226c9db6d7
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97f0ca756712d1afb4c1c8c7b7028bf7a8b2e9da6edd3c2522da52497f299cd
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
ccc9f4374862244dec50bed78ee71ce0e368adbdc53c23826372a6e9f4b4d90e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf
d0237376c93777aab26c4ccdb9e5c4a7c27bfe517da39a0a626d3d54044ce23b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339
d36950a34495f0f28ecbf33c0937806c1c2ace9f541cda5a017682cb01a54d19
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d64b859b46f7c2f7dbcee6408f13687413c57c1b571ef8c92b53fa25048e56b6
d7e9719b72420a34fc7b21b91e7b86732f261a4b99cf579d458c98ad2406b33f
d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938
d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc
d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004
d998e83d193b8718681967d5165c3abf8e0f17a0c79373857b0128c740414bda
dbd402427adad1345c6041097f643ad2641bcc49ca289bb6b1bd85ba683b1c8b
dbea0d9f17e3045a3b6fdd67b7fa53620fb041d4318c9ec80ae26b4efa91da0f
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc251bd2f3d0fdb30e7c59feb95463f393679f497b584d4a624c17c34846d5bb
dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a
dcdd3dd1ca889e151650edc9df307c1165f777f55ce8a21537691d45160a9762
dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4e934f7208319c5dbb5440ebec255f8600b47822ba77eaae589b7ddbea61b3
dee9c8617500d4b9390ff31f903f210640fc7f95fa9eec97f9107dcbc3a4d59f
df9f998f7d4343b733871e4d4ae40b9fec79e8b7e56bdd87201c1fa8dd5612e6
dfd9f6a9a843989168bacd471b39283276b11f104e4d4a382076f61e1d32a973
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e034a552e2ed526ad16bac6bec55338d85d72a11813ac526b0a4d5d679e58d2c
e2087a1e973a0fcd0087d730072da06ccf2c545fb5c4280b69350da3c4253d99
e2706f6a65d3bc130d346ca0ee0b8b1d99bdd35f682b50459edfa7caac9b0b56
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764
e3d7d7b3d6a825ced1ab2ded132baae1f455a4bbebde9543a387dbb4a7c6396c
e4a89d9588799e0cf2c929823609717c593964608447f3307144505d530342a0
e4fd280d65a80c0533cd45a87c97623bd167d1f4aeef8800776eb1df2d4719c8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ff1581d0d09f9605566be29af101bf573cbae0eec4a9563140ee8d1becd1dc
e74d11c15143a3f9d69c6096c04253599b4b4c0fddb05ce244f0612cb9325e19
e75ab6d71790a083dfd038f73d7870b35d04623d2cb7aa7ec662f5fde319a40f
e81cee5b0dbb045559ea33694c3a87602c7f32abca7ec53bbfd5366f6d653552
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb0f3ab4553ad4d87251ac66f4f60db09dc1aac45a0c3008d9319536712f3bc
ebcdc4363b366b7bf82cfac7e9b6679c9e8c0e4a7b5959755e0f2c448884e272
eceb34de512a9e5f85536f7cef90337f6741fc7f85b2e6664139d2b963352b3c
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed4f1490ca6c994e0613295e2844cd170c318c713c8aac7800e31cc935961f8f
ed512d4f44ef1a28d60e6f5eb8c874e88f147bb5a0af91a025a7acf1dedf2f03
ee36c7785e6f287272eda49f3e4a80e52a9a8dcc5555685a46a0919c89df3bed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b
f01ae5ce5ad4830909f10e3d30aec16cfc868341a5d843390fb385ddb0ad05fc
f06a5637e1d66bb7c43f4f1ced10bc634be5684ed00dedd15a6074a4ef499d09
f33be347feea6c6f7bd4e964b82c49bf18e72fefcacd51262d6a187dd94cafb0
f3c77960bf019d8da763868f31859479d823c773f8f6358fa37742f0910484a7
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5b5f5c22f5b8e88adca3c26f5be550106cdd7457a7c85cf8496738d94b31d69
f6235ffbdfcfee97e18c6ff45373f34a6b552b55373c73d2ef06ddbf1c0f855f
f644c16962f0ca43d6586dc214ecfeba47b2b79d1661ad9b22f4c05180a4c9c1
f6618196c1088f151f1c03846ee77bb7509bef6b367c3e76f2fefc6958b48705
f67fb7114b84fa6c41a0f5d95923f8e7aa8cfe3e53a3be34e6a0e9e828219f6e
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f730cf198d89f0d7ad5127d10c58b53f3b85baced67a00b6c84f9bc3aa1493bc
f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea
fa0d4adc7bde8a362de5feda9272bb6b2e9aa2c1f7067b7e4f9ce23454fa3601
fa71f9c21951804b669117c64c7b5b4b4c7e237bf700a8ebf36626d3faac0d2d
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63
fb6889a1ee36ef55127a4220a45119bc70d3a9f9bfe4f39dc2d3c4b546f6fced
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd2dc3763b9fbe9252269d89da54bd03b466ae027871e5c2a7a6731dfa8c54cc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7ca8299855a7931502a7ccc3d5eba865a0574eb1b6fdb5d0f33b384d01f1e4