portalsemakan.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telekom.com.my/
Effective URL:
https://portalsemakan.com/permohonan-pelan-data-pelajar/
Submission: On March 21 via api (March 21st 2022, 2:46:02 pm UTC) from DE — Scanned from DE

Summary HTTP 283 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 71 IPs in 10 countries across 47 domains to perform 283 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalsemakan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time portalsemakan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	220.158.200.104 220.158.200.104	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
29	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	184.30.24.198 184.30.24.198	16625 (AKAMAI-AS) (AKAMAI-AS)
19	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	204.237.133.116 204.237.133.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
6	54.171.76.225 54.171.76.225	16509 (AMAZON-02) (AMAZON-02)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4002:c00::5e	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.201.245 18.195.201.245	16509 (AMAZON-02) (AMAZON-02)
2 14	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6c::8	15169 (GOOGLE) (GOOGLE)
5	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	184.30.25.161 184.30.25.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223e:e200:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
7	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.48.241.99 52.48.241.99	16509 (AMAZON-02) (AMAZON-02)
1	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:9000:224... 2600:9000:224a:8600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	2600:9000:231... 2600:9000:2315:d000:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.35 108.157.4.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:3a00:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
6	52.86.87.146 52.86.87.146	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:fe00:7:254f:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.120.46.173 3.120.46.173	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:1a::7	15169 (GOOGLE) (GOOGLE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4013:c1a::65	15169 (GOOGLE) (GOOGLE)
283	71

1 220.158.200.104 (Malaysia) 1 redirects

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
PTR: lion2-smtp3.sfdns.net

telekom.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

portalsemakan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.171.76.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4002:c00::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.201.245 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-245.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednsz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.161 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:e200:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.241.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:8600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:d000:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-35.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:3a00:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

openxdisplay970503469688.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.86.87.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-87-146.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:fe00:7:254f:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

vid.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.8 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.46.173 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-46-173.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.144 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1a::7 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

rr2---sn-4g5edndz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c1a::65 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122 edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 263	412 KB
42	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 bid.g.doubleclick.net — Cisco Umbrella Rank: 468 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 pubads.g.doubleclick.net — Cisco Umbrella Rank: 494 ad.doubleclick.net — Cisco Umbrella Rank: 181	287 KB
34	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8333 cdn.mgid.com — Cisco Umbrella Rank: 10514 video-native.mgid.com — Cisco Umbrella Rank: 28798 c.mgid.com — Cisco Umbrella Rank: 6428 servicer.mgid.com — Cisco Umbrella Rank: 8449 s-img.mgid.com — Cisco Umbrella Rank: 7801 cm.mgid.com — Cisco Umbrella Rank: 2218	512 KB
29	portalsemakan.com portalsemakan.com	392 KB
13	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 pixel.rubiconproject.com — Cisco Umbrella Rank: 289 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944 eus.rubiconproject.com — Cisco Umbrella Rank: 503 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 942 token.rubiconproject.com — Cisco Umbrella Rank: 595	16 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	101 KB
11	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 64714 go.trvdp.com — Cisco Umbrella Rank: 56324 s.trvdp.com — Cisco Umbrella Rank: 58266 p.trvdp.com — Cisco Umbrella Rank: 50650 vid.trvdp.com — Cisco Umbrella Rank: 149423	289 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	446 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185 bidder.criteo.com — Cisco Umbrella Rank: 689	8 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 1742 as.ad4m.at — Cisco Umbrella Rank: 2174 assets.ad4m.at — Cisco Umbrella Rank: 32740	42 KB
7	adform.net track.adform.net — Cisco Umbrella Rank: 3334 s1.adform.net — Cisco Umbrella Rank: 8028	35 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1227 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266	3 KB
7	smaato.net 1 redirects prebid.ad.smaato.net — Cisco Umbrella Rank: 3208 s.ad.smaato.net — Cisco Umbrella Rank: 698	3 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 260 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352	5 KB
6	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 419 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 image6.pubmatic.com — Cisco Umbrella Rank: 571	78 KB
5	moatpixel.com openxdisplay970503469688.s.moatpixel.com — Cisco Umbrella Rank: 2056	1 KB
5	openx.net adasia-d.openx.net — Cisco Umbrella Rank: 43068 rtb.openx.net — Cisco Umbrella Rank: 1359 jp-u.openx.net — Cisco Umbrella Rank: 11041 u.openx.net	886 B
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 924 r3---sn-4g5ednsz.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	18 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 565	889 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	107 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googlevideo.com 1 redirects rr2---sn-4g5edndz.googlevideo.com — Cisco Umbrella Rank: 71396	545 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	523 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	760 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 49130	6 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	953 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 491	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	63 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	809 B
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 329 geo.moatads.com — Cisco Umbrella Rank: 553	109 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	100 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 22767	119 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2544 pixel.wp.com — Cisco Umbrella Rank: 2476	3 KB
1	youtube.com s.youtube.com — Cisco Umbrella Rank: 747
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	707 B
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5686	722 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829	581 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 492	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	465 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 409	330 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com Failed	743 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	telekom.com.my 1 redirects telekom.com.my	228 B
0	indexww.com Failed js-sec.indexww.com Failed
283	47

	Domain	Requested by
29	portalsemakan.com	portalsemakan.com
22	pagead2.googlesyndication.com	portalsemakan.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com www.googletagservices.com srcdoc
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
16	s-img.mgid.com
14	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com eus.rubiconproject.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net portalsemakan.com www.googletagservices.com
6	p.trvdp.com
6	prg.smartadserver.com	anymind360.com
6	prebid.ad.smaato.net	anymind360.com
5	openxdisplay970503469688.s.moatpixel.com
5	track.adform.net	edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com s1.adform.net
5	csi.gstatic.com	imasdk.googleapis.com
5	imasdk.googleapis.com	googleads.g.doubleclick.net s.trvdp.com imasdk.googleapis.com
5	cdn.mgid.com	portalsemakan.com jsc.mgid.com
4	ad4m.at	s1.adform.net ad4m.at
4	servicer.mgid.com	jsc.mgid.com cdn.mgid.com
4	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	portalsemakan.com googleads.g.doubleclick.net
3	ade.googlesyndication.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	token.rubiconproject.com	3 redirects
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com anymind360.com
3	image6.pubmatic.com	3 redirects
3	id.rlcdn.com	2 redirects eus.rubiconproject.com
3	www.googletagservices.com	googleads.g.doubleclick.net edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	mug.criteo.com
3	video-native.mgid.com	cdn.mgid.com jsc.mgid.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rr2---sn-4g5edndz.googlevideo.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	vid.trvdp.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	static.criteo.net	anymind360.com static.criteo.net
2	match.adsrvr.org	ads.pubmatic.com eus.rubiconproject.com
2	s1.adform.net	track.adform.net s1.adform.net
2	cm.mgid.com	jsc.mgid.com
2	c.mgid.com	jsc.mgid.com
2	r3---sn-4g5ednsz.c.2mdn.net
2	rtb.openx.net	googleads.g.doubleclick.net edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
2	edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	jsc.mgid.com	portalsemakan.com
2	ads.pubmatic.com	anymind360.com
2	www.googletagmanager.com	portalsemakan.com www.googletagmanager.com
2	anymind360.com	portalsemakan.com anymind360.com
1	u.openx.net	anymind360.com
1	s.youtube.com
1	ad.doubleclick.net
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	s0.2mdn.net	imasdk.googleapis.com
1	secure-assets.rubiconproject.com	1 redirects
1	data.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	assets.ad4m.at	as.ad4m.at
1	ssbsync.smartadserver.com	edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	jp-u.openx.net	edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
1	geo.moatads.com	z.moatads.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	z.moatads.com	edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	htlb.casalemedia.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	ib.adnxs.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	cdn.jsdelivr.net	anymind360.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com
1	stats.wp.com	portalsemakan.com
1	telekom.com.my	1 redirects
0	acdn.adnxs.com Failed	anymind360.com
0	js-sec.indexww.com Failed	anymind360.com
283	92

This site contains links to these domains. Also see Links.

Domain
www.truvid.com
widgets.mgid.com
www.mgid.com
www.mohe.gov.my
akismet.com
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
anymind360.com R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2021-09-13` - `2022-10-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-08` - `2022-05-17`	2 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Frame ID: D8163DE334A8FB393A817D2AFC19ECD9
Requests: 142 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: A9ECB0FE49C6875CC1F8B17564FC3F33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&adk=1812271804&adf=3025194257&lmt=1647873954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873954852&bpp=3&bdt=1451&idt=124&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1952985218076&frm=20&pv=2&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: 56C370173C9CE4FB0DAEF691278DA564
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4510782C492F5C9E3FF6372857267344
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F93F1E4D1C5A15105A3DE44E548E8D8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16
Frame ID: ECFFA6304F0F5515C9D7A1C4A9F8A7E1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: FDF0221033CBAD788C9BDE42B946FD94
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D4D6C04D1900E485C9B4252EF8D6C784
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 92FE4A790150D9977A85D804A020C401
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Frame ID: 2E4C8D6F3199FA00359DFE5C8BDD997E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 448247F072747F5616DF695CCD85EE99
Requests: 9 HTTP requests in this frame

Frame: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD560FB98CC8B2407CE18E1C8DA78E52
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4F2D6040491E6558C6E7CD6652077D55
Requests: 3 HTTP requests in this frame

Frame: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A236F0566408307AA8BB58C2BC42097E
Requests: 25 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1647873956602920095546
Frame ID: 6CF58D9F69300626D0C68247F28D73D9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYwA_cl5AdEX5LwNJvAeiSPlfIKfakZBnebloSKSRw2AWwIM0VwWqg4dfRmP_gytGMBPh5qZfrntBX7ktH1asY_u8c-9inIKDMiGmtxykYFTxLGZvSVaHbgK4cYQD9yVnxqKU1kc4KDGs1Kv0thrXkzVNijlcAmkn-WPvTitAcVdLjWF12ZLRpZRHiCMuRfHdvECxYV2ldEqHB1eLk54pDN8Tpjg4Pit92O2LhC1qZ7M2LmZppT35MzI5kbCQU462E-phqgUH-uN6uOR3K7IGybavoMXfLvLSbzuj8Th_IdUWXCzhs4jHOWgzhIaQgEbmexzu3xOxCqww-c32brUIiyblUeXeEASI&sig=Cg0ArKJSzKONSwnydnpjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D99E534E20B16707A957151D6681EAEC
Requests: 6 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Frame ID: 794BEC4C6962B76E26A9DFE9B75E47BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD8A212430083B83845AE0F7BCDB9518
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1F225C023EFF62DF3482A3DC02B51C98
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portalsemakan.com
Frame ID: A6EB7EC1FF05A41C973839DADFAABC85
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=_X7u6Ar1KoLkE75fgOloF8svBjspKlDy&g=af9c95e75457fcf0322fbd742dbe4b91%2F141586606796437281&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647873957675&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DAAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0%3Bcrtbdata%3DbV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmsid5sRYChk-2-Jv0hIof1uCvlaobs-GCtf8FMH71X9epw69j-Jt7R_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJ3j0t6WLbEVo1%3B%3BCREFURL%3Dhttps%253a%252f%252fportalsemakan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: 04B6874B0C4A04048FFA3126C7C6E25D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 508589160D21134989CFC33B1F4BD44B
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 20487EDF39C83F1F0ED60BC16A8E0E99
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2098B39542543F3AAC2D30F50C286B8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 9080BAFD15598C0098854422DF0ABFBB
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DBF42740088E6E0C2476F920CBE53508
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A1A23027B6E84C30CAEAD81024C16A1B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E74DC015CDCF3DF225A177E7B34038D6
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D491DA7389F19BE05EFF980E30021997
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 68692B16FA4AA8AFCA2384F6D7CF2A69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Permohonan Pelan Data dan Peranti Percuma Pelajar IPT B40 2021

Page URL History Show full URLs

http://telekom.com.my/ HTTP 301
https://portalsemakan.com/permohonan-pelan-data-pelajar/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

283
Requests

92 %
HTTPS

44 %
IPv6

47
Domains

92
Subdomains

71
IPs

10
Countries

3719 kB
Transfer

9005 kB
Size

47
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.truvid.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/
Title: T&C

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/cookie_policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalsemakan.com&utm_medium=referral&utm_campaign=widgets&utm_content=1233564

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739844/i/57566460/0/pp/1/1?h=oet3r0EolAfnh_ig1Vt0plWUkyceDA1dedN4gYNotvcl62WzIA2Q6rYt1xakK3Vs&rid=9d887b85-a925-11ec-b203-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739870/i/57566460/0/pp/2/1?h=oet3r0EolAfnh_ig1Vt0psDlVfkzJuXel54_mpPyLavnNFPLbvIIGkzwsMdEomlW&rid=9d887b85-a925-11ec-b203-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739855/i/57566460/0/pp/3/1?h=oet3r0EolAfnh_ig1Vt0pvZTjeQiLwa8OAoubo4ZvS9uw8mpwJ-QRdeKiF1dhgff&rid=9d887b85-a925-11ec-b203-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739876/i/57566460/0/pp/4/1?h=oet3r0EolAfnh_ig1Vt0po4JxZFTfjQ3IS5YKi36-ewsDHpzy3lV0jTgR3vdfmAZ&rid=9d887b85-a925-11ec-b203-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: http://www.mohe.gov.my/
Title: www.mohe.gov.my

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalsemakan.com&utm_medium=referral&utm_campaign=widgets&utm_content=1233814

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739844/i/57566710/0/pp/1/1?h=lFNuI5eYIChWVzmKT3zjllWUkyceDA1dedN4gYNotvdaw8Lon0yrlR2KTKbG9P0A&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739858/i/57566710/0/pp/2/1?h=lFNuI5eYIChWVzmKT3zjlks2o9Ns1We1N-QrfiT7J0P5anCx-56ks5Kip_GN16xS&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739867/i/57566710/0/pp/3/1?h=lFNuI5eYIChWVzmKT3zjlnwy08XIJt-ugDpNNVDYVQbxcy6csup1x8x9z8w5vQll&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739843/i/57566710/0/pp/4/1?h=lFNuI5eYIChWVzmKT3zjlkIRWebqoKyyfJuvw9A_e34M6bw88dnBlrJ6bluMmBaZ&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739870/i/57566710/0/pp/5/1?h=lFNuI5eYIChWVzmKT3zjlsDlVfkzJuXel54_mpPyLat2td8H6aFJSutIxXJnQMcn&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739835/i/57566710/0/pp/6/1?h=lFNuI5eYIChWVzmKT3zjlrtxqQZVpumvYgOGnDrYfp2TikroMf3ICLf1nTrc8dIE&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739866/i/57566710/0/pp/7/1?h=lFNuI5eYIChWVzmKT3zjlhKoTEkoWhP6UAPYEFblKhwJdVS5nexH8cdSs5vDsV7n&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739859/i/57566710/0/pp/8/1?h=lFNuI5eYIChWVzmKT3zjllsaUjCKAa2D2gEku1ukA4-XCyj48_SEmidqH_0VB-Hi&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739869/i/57566710/0/pp/9/1?h=lFNuI5eYIChWVzmKT3zjlqOZPIaqhMpkZt4Fy5DgKIXFvVgengsGX7-KYYd019LQ&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739842/i/57566710/0/pp/10/1?h=lFNuI5eYIChWVzmKT3zjlvEqTg_fEcTBHDSXYy1qfzFh9G3ywwrBQvLmbkmMV98T&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739872/i/57566710/0/pp/11/1?h=lFNuI5eYIChWVzmKT3zjlrP8BoEcgUChIMBWk24OgNpBhs8bIk4rXmfwflpoioGm&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739871/i/57566710/0/pp/12/1?h=lFNuI5eYIChWVzmKT3zjlmOCALWoRM87SdDpQyqHpZJpZu-qX8sWM0-n8_FP9IfN&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739834/i/57566710/0/pp/13/1?h=lFNuI5eYIChWVzmKT3zjlvPaGNFV8vb1YLyBjuvNoDLrVqq-QOxxj65w9fQsCCNS&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739864/i/57566710/0/pp/14/1?h=lFNuI5eYIChWVzmKT3zjlpHamTuBUQXNh2Rw_JHFKiDpkcgXAwykPZAAlITu9ym5&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739876/i/57566710/0/pp/15/1?h=lFNuI5eYIChWVzmKT3zjlo4JxZFTfjQ3IS5YKi36-eyBnO4Ke6aKv7gqfvPLAeyA&rid=9d88b77b-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telekom.com.my/ HTTP 301
https://portalsemakan.com/permohonan-pelan-data-pelajar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=OeQqtHxHUmxHek1NWWNFa1ZTdVd1SkJlb1dNeW1VZ1JWaEQxcmJ2aStLU3JwcEFNN2w2eVJkbHUzcGtYUDFtdHgveU5VZkFzRWZlaGkxRytUVTFjd25GQU1rSDV0QXo5NVNjNXNxd2ZNK3ZhMTE5b1REcURPOTNJUnVLWU45Z1dvSUpIYVYzSXJTYldBUHAxbHpxbmF3UXZnSkRYdHJQYUNveVgreXN6V2hzampMVHZBb2dSZVMvVTNaRUFHUnVuazhFQjdRRWhFbVZpNHNacmJSVzRwYlFWTGJ6UkFnRVpzSzNaQ1FHQll1OWp0aW0xVmhkUG0yUWZVUVhLbGR2Yks1NHdmfA&cppv=2

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://d.agkn.com/pixel/2175/?google_gid=CAESEL3px5npRmb7PeCa0dL_8H4&google_cver=1&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX&google_hm=Q0FFU0VMM3B4NW5wUm1iN1BlQ2EwZExfOEg0

Request Chain 128

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKrB2-dH3jR1wOd6PW5mqwsUYYQh63KHdGOGJuRo0v9A85Xl31oLw0jI4kK3xUW3GFC_GgCWsgCQ7HRtDoAixWlgnT7loU&google_gid=CAESEPDY8j_eU6Wj-aOgxPm5dIc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKSf4pEGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLckIyLWRIM2pSMXdPZDZQVzVtcXdzVVlZUWg2M0tIZEdPR0p1Um8wdjlBODVYbDMxb0x3MGpJNGtLM3hVVzNHRkNfR2dDV3NnQ1E3SFJ0RG9BaXhXbGduVDdsb1U HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbFF0clhWWEVFdXM5OGNncmtNU1hhRmZkMkY1Njg2LW94TDNpUzhOSXlEdw==&google_push

Request Chain 130

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZYs12qG7x7PK4JIcdx_tQ&google_cver=1&google_push=AYg5qPJolYY81Ba2TKMyEMY6nkBUA42J6DFgWemIrnvSjO5CrJzlTzWPC6yk3Cw-_xtsHuyTnV2tIsE_nkcQ0vDGTenkN0srb-_M HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZYs12qG7x7PK4JIcdx_tQ&google_cver=1&google_push=AYg5qPJolYY81Ba2TKMyEMY6nkBUA42J6DFgWemIrnvSjO5CrJzlTzWPC6yk3Cw-_xtsHuyTnV2tIsE_nkcQ0vDGTenkN0srb-_M&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJolYY81Ba2TKMyEMY6nkBUA42J6DFgWemIrnvSjO5CrJzlTzWPC6yk3Cw-_xtsHuyTnV2tIsE_nkcQ0vDGTenkN0srb-_M

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOHVSCjuZX_lkEhfUAXFwDI&google_cver=1&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS3BQK_D7rfSrKnX4pQJvFOM2s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS3BQK_D7rfSrKnX4pQJvFOM2s

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_cver=1&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY

Request Chain 135

https://gcdn.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5B6338CAC1D6D600D7A9F8105A92F38D9EDF165C.0F79CD45C8BCFE4F2FE054A86E491970BE858601/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56299D247D1D0BE2E33E8C1DB49B5FEFC4D673DE.184DCC2AB8342E5774AAE82C2F45467584F6E9C7/key/cms1/cms_redirect/yes/mh/I4/mip/2001:ac8:20:3b00:1011:42cb:9e3d:4dee/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1647873644/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 199

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZYs12qG7x7PK4JIcdx_tQ&google_cver=1&google_push=AYg5qPLFKo9ASegU-ccDeQNaqacVUBf7DVIuAKmSgFSgBBqENlWvBydvUFTbgSl9FkVYqr_N4HTCQYtP3qhUh33rN4V8I44OmgXC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFKo9ASegU-ccDeQNaqacVUBf7DVIuAKmSgFSgBBqENlWvBydvUFTbgSl9FkVYqr_N4HTCQYtP3qhUh33rN4V8I44OmgXC

Request Chain 200

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY

Request Chain 201

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPw3h0DK4b0uXT88lBvIME8&google_cver=1&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRncaBB2DYrioROU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRncaBB2DYrioROU

Request Chain 202

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDrq_pnVnSxfQDFW_1YPgBU&google_cver=1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1647873957476 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1d3345d5-6cc8-4dc2-ae48-e99b1a58c4fe-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA%26google_hm%3DAx0zRdVsyE3CrkjpmxpYxP4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&google_hm=Ax0zRdVsyE3CrkjpmxpYxP4

Request Chain 203

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH6GdA67ywnMUu2YsPzSB1U&google_cver=1&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4&google_gid=CAESEH6GdA67ywnMUu2YsPzSB1U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5OTA3MzkwODI2MjA5NzQxMzk0Mw%3D%3D&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4

Request Chain 211

https://gum.criteo.com/sid/json?origin=publishertag&domain=portalsemakan.com&sn=ChromeSyncframe&so=3&topUrl=portalsemakan.com&bundle=A0Wv8V9GRTZPS3dSazM2MVp1Um5YSk1qTzlOayUyQlhIM3VIUk1LVFZDVmNlTG9Yc2t1V3BlMm52UzRHNVUzbHVlRyUyRjl4TzRlSWt4SFJtbGllWEQ2VU9RZE9XOWNpcWMwMTVVYmthWjU4VTFBZ09DdDNZcnFGWmIlMkJ2OCUyRkM3N2lGeEtVOW1z&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=61MDRnxyS3k2MUZ4RGJUY3F0N0lWUTZqVmZoSnE1NWhPMTkxQnNObFR3S21EMkRDRm1EbnRtaTUrYUk4UStwZ1lrbWs4SVRiekJvQ0hkNlNKczdBdzRVeUZyb0JBWkNpRElFUVJsNDlLTk00NzBUcmVHR0RGSjBXZnIycEUzS05INXFPb1NpL25OQ0V3N21TSTZSVUZTbWl1REdlTEVGakRWVCtRbTNLVnVLWnh2eHVQV2RybTJZbXdrRzhjUFY0a3dHMFJqSnJFRXpDb0RvcmVaR2hlRnVOWjRsK0VTYkpWYTByd1JZTUJ1MWZlbHhCWktqaU12akZkYjRZSVhDRVBuZkt3TWhhckxLRTBDQ3o1N1ZFcFc0bzJoV01FdFVJU2pMWnRRZGVmbEk0UDY5OD18&cppv=2

Request Chain 230

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=0&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68&verify=true

Request Chain 247

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy

Request Chain 248

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTRjOTY2Zjc4OGQ3ODA5OTE3Njg3MGRlY2FlNjMzYWU0MjVkYWM4Mw

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOPsbReMYoN-qvzYz1OcAQ4&google_cver=1

Request Chain 251

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mK9ZnLmCSzeEq2tTlN-IJA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mK9ZnLmCSzeEq2tTlN-IJA

Request Chain 252

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLTKX-4-KD62

Request Chain 254

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dHFFd2fQSpSeK8dQEpaHPA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dHFFd2fQSpSeK8dQEpaHPA

Request Chain 263

https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&mh=QK&mm=31&mn=sn-4g5edndz&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&mt=1647873662&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgEG6TH5VBBZFsUbFqrn2ppFPNwwz85QiYhViGTOq4vpICIARFLRElsJqnpMuQbYSrWav7baiE6-m1smrLRpJGDGGp&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAM3l1Nr5qz2w2jFpKM5GZQyMGe8TQiRGIGxLoEQbgeFaAiEAnt5xl-W1y0OZkzdjEVzQuHkfyvtQrD8QaLV5AeCPyUA=&cpn=Hal9Jg7omG8CB46M HTTP 302
https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgEG6TH5VBBZFsUbFqrn2ppFPNwwz85QiYhViGTOq4vpICIARFLRElsJqnpMuQbYSrWav7baiE6-m1smrLRpJGDGGp&cpn=Hal9Jg7omG8CB46M&redirect_counter=1&rm=sn-4g5er67l&fexp=24162928&req_id=88e09b0cacb36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2001:ac8:20:3b00:1011:42cb:9e3d:4dee&mm=31&mn=sn-4g5edndz&ms=au&mt=1647873893&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgJZVRDjpvmCCf6E2o1X0MB5i3g4Kp7VEXQuYvnsoQoAwCIHY4Dl_RF1vkftYkx4P5_a6DNtb67L0QEHYPOpS9vZQh

283 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalsemakan.com/permohonan-pelan-data-pelajar/
Redirect Chain

http://telekom.com.my/
https://portalsemakan.com/permohonan-pelan-data-pelajar/

58 KB
13 KB

739ms
669ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540cb7660b4112dfe91b120ba26fe677a8eee365681f38f53d3ff8d50cbae296

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
x-ua-compatible: IE=edge
x-pingback: https://portalsemakan.com/xmlrpc.php
link: <https://portalsemakan.com/wp-json/>; rel="https://api.w.org/" <https://portalsemakan.com/wp-json/wp/v2/posts/1921>; rel="alternate"; type="application/json" <https://portalsemakan.com/?p=1921>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swUvl0tP82yIVcAUTRcEy2b0P2d4U6tmH5Db6PFimgX98YrMEfOEFP2NLNH6FJ240g6qOUl8YZZGwlThPSPajG1OMW2LQ5pFEJNyKi7vKd0M22eV4VstzINdwuvO73irLju7F7TPtRRT3dSRnwDGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ef7794ca8ab0fce-MRS
content-encoding: br

Redirect headers

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Mon, 21 Mar 2022 14:45:52 GMT
Server: LiteSpeed
Location: https://portalsemakan.com/permohonan-pelan-data-pelajar/

GET
H2 200 US5uBX0RInHFzEq4nJpEypGL6hg.js Show response
portalsemakan.com/cdn-cgi/apps/head/ 6 KB
2 KB 437ms
435ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/cdn-cgi/apps/head/US5uBX0RInHFzEq4nJpEypGL6hg.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae72a2bc3c1ab0291872b9998f163bc790d07c316e8b629e38a3f2f761e49f6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AZ78N664M8A62RGE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: yrJ_nMHm9KI2FIqAbVIqrfFl6CDAkC65
x-amz-id-2: 5P6ErCDKQ1VTleg4RZjz7tp4O4Ab6aNOhScR4Up6lrU5Jyz6zINgFEwbbpDNTknsNe92XcjT7hI=
last-modified: Wed, 15 Sep 2021 03:29:10 GMT
server: cloudflare
etag: W/"ab04f2cf3678997bd61360038cc99b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQccZe0FB%2F3d8xRPs9BUMzZgGCbcjiN%2Bzqy6YnbJ5rqpxPCFVm5kZkzICkMn1pFHY6F9KAqSwoJT1XLquYGyup71d3Q5w7QlUf2gbgVNEBK2WDnJJWMzqhm1ZevmPWIq3l5%2B0DPzgiGKF9wLfZYxDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6ef77950fbde0fce-MRS

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 50ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3463aecfd16d3464c8fba9c16df693086482649d04cdfd461b5a71fb0bdeef2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 14:45:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:53 GMT

GET
H2 200 96505f41af0ff1aa6afcd92112ceff55.css
portalsemakan.com/wp-content/litespeed/css/ 81 KB
12 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/96505f41af0ff1aa6afcd92112ceff55.css?ver=d774f
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e811ad01cdb86c2e3371c21e43125f873f1e6668400fe6d40b5e34878f960b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446918
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 10:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpZCRnRLsREgqllbtpXHjx1AsHy1RoOuD7S%2B3LQJQ9MDBOGlPYjHlMq%2F8vnZxrTKyFnxnCc9TN1rV79aa9jTGEX5FtFbL5SlLtXy8XdzpY2TYQalxEd7ykeZQ5325tKyLzoDyupxMDa5y4yNkoMVBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbe60fce-MRS
expires: Thu, 16 Mar 2023 16:37:15 GMT

GET
H2 200 70c56241757a25e393f50439435b8fda.css
portalsemakan.com/wp-content/litespeed/css/ 11 KB
3 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/70c56241757a25e393f50439435b8fda.css?ver=5908c
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ax9P5pzBxBoiPjCZnU%2FxHK6kI53BWMOpKYzkMes0L1bQrqvTalcZaoeAoBt7ntKl5cEf9%2BDh9cTg9TZcCwPmPrvgAlLuX5LetByVrV1hq968lpe8rA5bleB5XAIJ3MlETD0rjo2n6udGGn6vKylXXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbe90fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 72ea471976ae077ece831fd215cfa1ab.css
portalsemakan.com/wp-content/litespeed/css/ 4 KB
1 KB 42ms
40ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/72ea471976ae077ece831fd215cfa1ab.css?ver=b7417
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7hCEPVK4vGH0e4GzOZs1SGK7ZxYEfToX%2B5A7Ih3y9w2R677vw03zMdF4bX2WuaYMsORf26bz6glOXcJUIyZHeI1lV6eflQLUa571dNq6sp9VxJKImtsFS%2F6cblw1aGowh0cnoLM6Y0vhP0mGxDhvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbec0fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 bbcbbf556f258184eb7812076835798b.css
portalsemakan.com/wp-content/litespeed/css/ 0
497 B 43ms
42ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/bbcbbf556f258184eb7812076835798b.css?ver=aa744
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446918
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Wed, 16 Mar 2022 10:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ge6wjphw7kK9Gu2y0NrRqxp4ohfnS6uh9a2nNw9mBvm3qVj9ZwnIriQLs5XECWVGVS0Bmt1A7S0my0byKmZ9hIoPSb2YX36JyVHs2V7jTcN1RTnp7YvIsU3ZIid151Hk0NGRyNe%2Fxx%2FoSrPc4v7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef77950fbf00fce-MRS
expires: Thu, 16 Mar 2023 16:37:15 GMT

GET
H2 200 d5dcfabafa088d87285a1166ec18a1ca.css
portalsemakan.com/wp-content/litespeed/css/ 31 KB
7 KB 39ms
37ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/d5dcfabafa088d87285a1166ec18a1ca.css?ver=ea2c9
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a249ef5d6ecd934e2b64f5883ee3eb3f07db0441011edaeeb01ee0048f84828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259332
cf-polished: origSize=31321
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 18 Mar 2022 14:43:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Uztou6TXZtSa%2BGPN74LCzfTD93vsEx5REvkVKNOaorZYtEvskTROPbownt6oTd8HpN6uN5iUK5uemVmQBNrZQgGvpunSLLH7X9dk8S40pYwdnTiVwjN2Tmb5wrpKBRsSY3Aef0dfKtFEEQpdWGpsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbf40fce-MRS
expires: Sat, 18 Mar 2023 20:43:40 GMT

GET
H2 200 1aa77b9b28e472f8070866c15837e261.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
1 KB 43ms
42ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fadc70587c09a1b36d035bf43b2bc0a22f306c07fc8d18043389504de3d35a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-polished: origSize=3168
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8CpUPCP%2FimPgDF31jVo2wLxowRoOn8vhBQbjL%2FVDMMGlpCPf%2BluwqLx8w5MsQ2wbHjXSRTzGIXVup8k3RGHNJ6nlLlLFWHC9fDaETOe67sq%2BA%2BJDqFHiSy%2FFWBdKqoR6u2MB3cw%2FABDLc3QTG%2BHdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbf70fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 35cc9cb5070245213fcff02ef9eebb81.css
portalsemakan.com/wp-content/litespeed/css/ 1 KB
771 B 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/35cc9cb5070245213fcff02ef9eebb81.css?ver=5d259
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b4b4e7e185dd82c01c946b699fec57ad102914547ad6d5bc01c33e6ae49d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-polished: origSize=1034
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRMa1m5CSlMjm36%2F1xcnu7%2FE2HVFfkbIcHHZAWByGxK0rl8iUeZjQ7wNCc0xbonTXd5jNNx28GpeLLlGEqPw%2BvIlN54qCWWRaXbyrSwZlal13nNtfb22aFzKwX5YCiP0QLA1GVBPgP%2BxeRwj0oQGCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbf80fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 22057ec19691fbd3f02848de7481e7c7.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
832 B 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/22057ec19691fbd3f02848de7481e7c7.css?ver=55d45
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c80c27456e44686b378b1024534b69cdff323748c808afb6ea4db2fe974890b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446918
cf-polished: origSize=3383
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 10:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAJzfirlqSZafaNeV4IpFWifbHauIO8FDArlZqy2oOyWzH6SE8d1XU3QBypoRwoh5oOWKfGu%2FgVuFQbSQeeuH%2B%2B8cacovgdOsDVgAD6rISKDk5OYDakdqAivmTh%2BDZE%2BqRUvXXP5bgqd2A1mdXPRpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbf90fce-MRS
expires: Thu, 16 Mar 2023 16:37:15 GMT

GET
H2 200 03f743f42770c7d9e71c7dfd96af7049.css
portalsemakan.com/wp-content/litespeed/css/ 2 KB
835 B 37ms
36ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/03f743f42770c7d9e71c7dfd96af7049.css?ver=99ff3
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Eg8pSK3UDgpZ1SmHnv2HY5aiyfXZQeRfMjPN9xNxSwZaUlLKdrP54MnmrMr0Xuu1kd1f%2B1UWoIJnLBUWc8NAQzYgFYVYIxoCe5oyH1UsqqZ8q%2FzGx17uaHVEnsUs8yerTCPUPwB3RNI4CCkKzyPZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77950fbfc0fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 f1eba2edcafcae96f64fb07f3da9392d.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
949 B 73ms
72ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/f1eba2edcafcae96f64fb07f3da9392d.css?ver=a96f1
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beYl%2FODxXIBpB3aNr2S4HxCBJUg1xVNAh8VX8IKp76SPquF2AMoGdylgCmokKw%2FrmVg%2BaaBxXDoYVEBnvc8G%2Bohs7eUsl%2BJxf%2FO5Ve5jGVEgSLb%2FnL9wwFsomvwX6j9Hh%2BkL0OCuTQlhtly8O47SWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef779511c480fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H2 200 4d9e679b873673927fe1e724bb0cbbb0.css
portalsemakan.com/wp-content/litespeed/css/ 86 KB
17 KB 74ms
73ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/4d9e679b873673927fe1e724bb0cbbb0.css?ver=90c71
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5b2b6e46cb835975b0b93ce77220260fe33be687bf4b0a591e9ea67075d396f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGsXvw1SWDz3NgPAEOv1X9MKAnAFzmN7aDIm0LdhsCWrkj77DayXgxS4Z%2BV3pye8GAvPBCb0GWMGq%2B8n1DA%2BArWPB4Fa8xFP4BuCKWON9mIBYdHMXW0pU%2Fy5A4zcBqe16ezJpnwWnPXO4BrK%2F0%2BJsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef779511c4c0fce-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H3 200 Unifi-Pakej-Pelajar-IPT-950x1072-1-768x867.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 54 KB
55 KB 845ms
845ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Unifi-Pakej-Pelajar-IPT-950x1072-1-768x867.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16dd323fc179f4da7111503bdc1a8e2a8b034540ad3e1cf0a040d4d0ce7d04e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55446
last-modified: Tue, 07 Sep 2021 08:38:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKyxPuQYCjN8wZQe%2FcIp5SqwWMdCW0AfuSxwDii1EimZdHC47Gbf91XHPeP9%2FGiSxzKRd15hD3tXfUupBPaEStxPAwlQw4eTMtZX0WeuVHRS%2BM8cPdro8pER8C6ZMwFq2TpHglR%2Bh%2BR6hqniq5WZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef77951e97241ea-MRS
expires: Tue, 21 Mar 2023 20:45:53 GMT

GET
H3 200 71234af64ece948365f23ba19dd8522e.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
1 KB 64ms
62ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/71234af64ece948365f23ba19dd8522e.css?ver=b69b0
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec30306c113e15d84c044b4c4f6b751be424968f89ad404d99ce4528227f83f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21256
cf-polished: origSize=3029
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Mar 2022 08:40:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jtxYf6DeB%2FfGFeZHWc39s4Y7x1T%2Bn1HVC1nY90GRD4o%2FfDpO27UDrXSya7jhcS26x4M2cWjjoGJCkA1NpFAyKnEUx7Z%2FTFZOX93A7R9huVQ1e3S1pAAw1NKUaBfcT%2Fgy5BLlDdbNx0LPlOTS8paNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77951884241ea-MRS
expires: Tue, 21 Mar 2023 14:51:37 GMT

GET
H3 200 rocket-loader.min.js Show response
portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
29ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 12:28:09 GMT
server: cloudflare
etag: W/"62332959-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6zAzxMfWg8aLzFOY8PcMxkPUJ5mDhBRoP0I80tpW2MgK3KLkXsu4n43oSoRgqQ4Sq1xMMrYPL%2B4Fm5deaBS6A0fBGCscjukXRi4xDGTj18b5iyWgU90jYfhQfogLty%2B8WKl%2BbZbBK0tCmLsRZzHyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ef77953bdbc41ea-MRS
vary: Accept-Encoding
expires: Wed, 23 Mar 2022 14:45:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 241ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 489624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:30 GMT

GET
H2 200 raxkHieDvtMOe0iICsUccCDmnlrf0Ts.woff2
fonts.gstatic.com/s/oleoscript/v12/ 13 KB
13 KB 255ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oleoscript/v12/raxkHieDvtMOe0iICsUccCDmnlrf0Ts.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae37be456f6c4ce883098b5777f99d940beb781832c20fe1824b4ac6f6c854f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 19:03:24 GMT
x-content-type-options: nosniff
age: 502950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12900
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:52:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 19:03:24 GMT

GET
H3 200 generatepress.woff2
portalsemakan.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 38ms
38ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444033
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1264
last-modified: Fri, 25 Feb 2022 15:32:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9jmx5kOBX7dQwASoyZU3OiW6DKhzVu7FlJqYOR3198sHx8YzOprBHjQ%2BcRYrtzOUJAIkDNDGvZOzKTGoglFzUt8RKKJoZRY1aWZGmPxYeqilZ9kgqzSpmgraSAYG2vsYcBIOQDQnS159wRt8hqnQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef77953ee4f41ea-MRS
expires: Thu, 16 Mar 2023 17:25:20 GMT

GET
H3 200 Senarai-Pakej-Pelan-Data-Khas-Buat-Pelajar-IPT.-Dapatkan-Sekarang-1200x720-1.png.webp
portalsemakan.com/wp-content/uploads/2020/11/ 62 KB
63 KB 876ms
876ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Senarai-Pakej-Pelan-Data-Khas-Buat-Pelajar-IPT.-Dapatkan-Sekarang-1200x720-1.png.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f0cba1f0b9349dcf368c51767ee39e9834fc529d9adb7b0bc1ee10be2ccf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63772
last-modified: Tue, 07 Sep 2021 08:35:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zim0wrTozE29i94hnxDO4UiPT1rduCZi5CWgN0cyO1yShd0XTcf%2Fdp1H276kS6T7lvSRRizH97kcOUVoPvZ8FtO85gW6yY9XU84FMfaPdfLo7V3wrWb7SFKiT99mW%2Fg9IRoRf7nLCNerXT2I8PTgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779541eae41ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 Hotlink-Pakej-Pelajar-IPT-950x1045-1-931x1024.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 73 KB
73 KB 832ms
831ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Hotlink-Pakej-Pelajar-IPT-950x1045-1-931x1024.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e9e6bd77d4e918b61a958c0fafbc9fe9793f4a142f77fafb206835514db608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74358
last-modified: Tue, 07 Sep 2021 08:35:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZWl50X9%2F0mWNbyWYuWJZBsxstC5ymvxzfybpIV%2BCy7br1JBQ2mpepNqcs%2FAkZxZMJJz5oVxWgZpsH6sdKXfaAdec6t%2Bd%2FE5FtJlXdPlUVKyjvxSidrjy0kFxaDgT1EatrNX29SN94VZeCUHHDaQkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779541eb541ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 Digi-Pelan-Pelajar-IPT-950x569-1.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 50 KB
51 KB 869ms
868ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Digi-Pelan-Pelajar-IPT-950x569-1.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12a37513b1a7e415907551deecc000268672bac723bfea99cd7af6c742f5b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51210
last-modified: Tue, 07 Sep 2021 08:35:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HfU%2BAwRBYeh2oxt6qlRpsjKZTwq9rKiwY6p5Bioqb8yJSO9iDVjVDJf1FHmm8A5hi7VzgtHu1cgayJmqohKikp5KAJqugZtF0tqhGy4PF88I7Uu3NZlvqwqXKw%2FCcv%2BjS5ClAO%2FPv32Y%2Fbqw3afaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779541eb641ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 SEMAKAN-TATUS-MYSLAM-PERMOHONAN-PENYAKIT-KRITIKAL-COVID-19-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2021/10/ 5 KB
6 KB 585ms
584ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2021/10/SEMAKAN-TATUS-MYSLAM-PERMOHONAN-PENYAKIT-KRITIKAL-COVID-19-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52e2ca4270e3f093313f9eb0b90af8a72ff61350c783dadb41eefd018402f01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5496
last-modified: Sun, 17 Oct 2021 22:07:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WObvNrv9DJ%2B7jxN32TWVUD%2FNSXbHfA%2FwPqgB4cZdlfDuJf1h8S1uvwhq3beMSWL2kYVxomqnKw%2F8tiEz0GTmzpWiB%2FJIV4BMyryeYUfx53dq4q7TkI9rzuanOvWzc93rg2goyz1YI00COLhM2dGlpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779542eec41ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 Screenshot-2020-04-02-at-5.55.58-PM-150x150.png.webp
portalsemakan.com/wp-content/uploads/2020/04/ 4 KB
5 KB 584ms
583ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/04/Screenshot-2020-04-02-at-5.55.58-PM-150x150.png.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b25adac4aee63a1b3a4677caa83858e025df42fd9caf0163781d35585e5343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4126
last-modified: Tue, 07 Sep 2021 09:10:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx77%2FexG7kAUtULdk43lDjg%2FQx0BwXqA8%2Fy6HjUOMtS9mWFsQwelkNmccPEniUvtr%2Fj43a6F5RP%2BSh7j%2ByyDQA%2BvcMEuJFoHleNOWeTQ9OYASzA%2FD599FD5Xh8uMcWz77XE13IsOad%2BCzXqeoUKvwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779542ef041ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 PENGELUARAN-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2022/03/ 7 KB
8 KB 591ms
589ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2022/03/PENGELUARAN-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c090138c104cc66f39ee1413bb6efb3c892ebc54fa6527e3be4566aac040aef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7062
last-modified: Wed, 16 Mar 2022 07:12:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c09egq1PpQqC4et6%2FODGbCfsWUkLw6o5Gq80UFBv2hsHX0RyS8alpGjNVsaMtq9pgJtWN3vixa1LQOwnbgzIUVqd8%2FY0zQBbSNn95afuZsTxNWz3dx4V%2FxQoDcOfhXt9gDvGaIoL8WNx%2F96AUMHbqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779543f0041ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 BKM-2022-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2021/11/ 4 KB
5 KB 584ms
582ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2021/11/BKM-2022-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6dd3ce1c2ddd590db04549b0472eef0774692c1189a83d7b9705e02e3c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4606
last-modified: Mon, 29 Nov 2021 08:09:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2FtjLP984n%2BxZtnfFKN%2FaEo38ReAu5WerR2FqZ1cWOkPcxo040XZXg5vnyVTmGx3j%2B8MLJkNDPdEH%2BUgIr3kfC%2FAVaI%2F9Y4HejpjtU668ngIxT0%2BRANGMhJ5a64hWKQnYQ8vGoeq%2F%2Fam0V1fCIgEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779543f0341ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 BKM-2022-SEMAKAN-STATUS-BAYARAN-KEMASKINI-1-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2022/03/ 6 KB
7 KB 582ms
582ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2022/03/BKM-2022-SEMAKAN-STATUS-BAYARAN-KEMASKINI-1-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe9162057c0bb787bda01e2098226be4b37bd2da37b04cafe35867f46b6b8cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6642
last-modified: Sun, 20 Mar 2022 15:15:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPogOb1FJYWZv1rbwUs4WArBcWpwnYP3pouoh2i7JS770Pdwy1JTni5CkagOZkRIhX2LBA15ULZh66gFGHc2iGAXSC%2BWc4yIv5yf0dsXOFSUK6M7H2WmPrYYJFWBCxkP6%2BRtQ3oXND64IiMbmZBHNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef779543f0441ea-MRS
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 9cb4915548dd4d539f0db8e25e411486.js Show response
portalsemakan.com/wp-content/litespeed/js/ 44 KB
14 KB 718ms
717ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fbe33313bd0708170444d76e920e57146bfc95b2a3105cbedd920144bf0b01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Mar 2022 02:52:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ%2FvwuxatmWNzfPw3L9KD4uPKk2IqiEKfHaNF9UqGecbF%2FVO8bFrPvJ%2B4hAK32swtZdu%2Brbxq9RhH27h%2FxO%2Fr%2B7sxxyRWcW3DkLNQFRdEzbU6Dx2cUe0Mj0w1qnDiBOSZiPwv%2FrirWSB9YFqDDki2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77955394241ea-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H2 200 e-202212.js Show response
stats.wp.com/ 9 KB
3 KB 47ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202212.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 12 Mar 2023 22:57:55 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/4961/ 122 KB
29 KB 389ms
44ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4961/ats.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

080d8bc28812d9e7aff55c468d183de77b357ee528a8794278268f9be0466b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
age: 58757
x-guploader-uploadid: ADPycducpIYNgArGv7adkJt-PPdNzd_w-QYiW5W3LmccnzzXxo4rTYXz4RLzdm1oebmNV9ap8IEUz8oCDnMWxdLw-A
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 28638
x-served-by: cache-tyo11933-TYO, cache-mxp6930-MXP
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 22:26:38 GMT
last-modified: Mon, 14 Mar 2022 09:13:58 GMT
server: UploadServer
x-timer: S1647873954.453082,VS0,VE2
etag: "7533b5e5047f194700b383a7dd227307"
vary: Accept-Encoding
x-goog-hash: crc32c=l299BQ==, md5=dTO15QR/GUcAs4On3SJzBw==
x-goog-generation: 1647249238424723
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 28638
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 76ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5c874df6a77647778dadf697aa77de082fb37dfe6bd81fa305c7f4020b1d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37850
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 89ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f0035633fc2dde81455df4113c626989d4d54e4183d2747f06a63b65e3dad84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54691
x-xss-protection: 0
server: cafe
etag: 13593658985877736778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H3 200 jquery.min.js Show response
portalsemakan.com/wp-includes/js/jquery/ 87 KB
32 KB 706ms
705ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz09PkW8UzXGgCOJ6rkLLld0wAiBWIjqKj6AGaSqu4isRUge%2FbSQIkjdY4svy5oBh4tWPAitB7ZHCD8EEjEUMr2DpfObptRibRSYsa4%2FdwZzW77xBdQKlFCeQYaEI2C6qsHB%2BpKYrDzJiV841IboJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77955395641ea-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 20:45:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 63ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9427148377333143&plah=portalsemakan.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb32a6c603aa6d6f6bf9b7d4f9a49348de6790eb7370556fd19c723bee5b768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108579
x-xss-protection: 0
server: cafe
etag: 10788710858049836246
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame A9EC 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 20 Mar 2022 20:47:02 GMT
expires: Sun, 03 Apr 2022 20:47:02 GMT
cache-control: public, max-age=1209600
age: 64732
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158497/6011/ 245 KB
76 KB 97ms
10ms Script
text/javascript 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/6011/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 08:09:07 GMT
server: Apache/2.2.15 (CentOS)
etag: "15c1ea0-3d366-5d07edb4c618e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55798
accept-ranges: bytes
content-type: text/javascript
content-length: 77259
expires: Tue, 22 Mar 2022 06:15:52 GMT

GET
H3 200 wp-emoji-release.min.js Show response
portalsemakan.com/wp-includes/js/ 18 KB
5 KB 538ms
537ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkEwusbRq5PSuhtp03IQ%2FcDcqwV6CoeSfjoykQsZO1aTHQHe0kQatq8Rw%2BLAA8KJ6nCzCm%2FdpN9wHoFnrYal7ojr7%2BaMqWYlHeH22sTYvaMxk8h5OmN%2F2vynV8mW%2Blxws9hM6y%2BnUvT4QvpuquUfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7795a3cff41ea-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 20:45:55 GMT

GET
H2 200 portalsemakan.com.1233564.es6.js Show response
jsc.mgid.com/p/o/ 249 KB
74 KB 103ms
29ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad3f70d0cd67683406ae1321078f0e101a6c4718c5608e83d2e454ad2c7c29f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 5124
last-modified: Tue, 15 Mar 2022 11:51:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 79VK0QQ3FS2MSTJQ
x-amz-id-2: 7wu1TH270mY8Yvxkb+AlAFG1ViLz6KQo8bSLKqHwyDOPWc1rdpZmM1J0EaDC48lELKer1FghUlQ=
cf-bgj: minify
server: cloudflare
etag: W/"7e8eff8aa19b747198ccb884ca2ce7af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ef7795aaf129bb9-FRA
expires: Mon, 21 Mar 2022 17:45:54 GMT

GET
H2 200 mgWidget_1.11.86.es6.js Show response
cdn.mgid.com/js/wglibs/ 319 KB
64 KB 104ms
30ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5965008f49fc5dacad0690c57debaae8e02ab950d984453ea752de4369c07f2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 2574
last-modified: Wed, 09 Mar 2022 09:11:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: N6FM7BJ3B5T8NZFS
x-amz-id-2: JWhFwkoOqPynVKwUSvuKbHE9vtfZ6gDfV+7i+ruIRupH8c61EzgmISexfkymQhs/kPvFge6RPjk=
cf-bgj: minify
server: cloudflare
etag: W/"88ba11b6ca79cf5a9311022c94f18e95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 6ef7795aad695c80-FRA
expires: Tue, 22 Mar 2022 14:45:54 GMT

GET
H2 200 portalsemakan.com.1233814.es6.js Show response
jsc.mgid.com/p/o/ 242 KB
71 KB 141ms
68ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5052494ff09c4b59c4dfcd8b00ae07c79c26b63b99fb1a1369e908e8880e05a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 5124
last-modified: Tue, 15 Mar 2022 11:56:39 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C80D49A0DR919FMT
x-amz-id-2: LwMgOonnw6ggW7MZpyXybGRw668jtYvdonR2yHwLbqzOiDCZ91pe1Q3ECXNuzNkRpKJtOOUyrqA=
cf-bgj: minify
server: cloudflare
etag: W/"8c4fe4e56c189e924105dc097cd5d518"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ef7795aaf139bb9-FRA
expires: Mon, 21 Mar 2022 17:45:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 66ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9BPNW7KP57&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02a67ce3ff1bfb5e1d9cfbaa5c42bca195082ae04229f6c43058cc3495564326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64301
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 31ms
30ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=175155631&post=1921&tz=8&srv=portalsemakan.com&host=portalsemakan.com&ref=&fcp=1634&rand=0.15698820886121112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
647 B 87ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalsemakan.com&callback=_gfp_s_&client=ca-pub-9427148377333143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9427148377333143&plah=portalsemakan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0b6396ebdc207806fae75c3110b87a821b5e16f017203537fec43f9ae09e7a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 75ms
39ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
35ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56C3 169 KB
45 KB 330ms
295ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&adk=1812271804&adf=3025194257&lmt=1647873954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873954852&bpp=3&bdt=1451&idt=124&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1952985218076&frm=20&pv=2&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac1d1be7ef807b53486374b83f64d0c6d9336da12774390fe5f539cf98a25e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:45:55 GMT
server: cafe
content-length: 45781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 80ms
47ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b99a2b415f8d604d5fdde2e50a206ea49419124fa1ec008f84bcc070c993bfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10551
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 70ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9BPNW7KP57&gtm=2oe3e0&_p=793599264&sr=1600x1200&ul=en-us&cid=883524188.1647873955&_s=1&dl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&dt=Permohonan%20Pelan%20Data%20dan%20Peranti%20Percuma%20Pelajar%20IPT%20B40%202021&sid=1647873954&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BPNW7KP57&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2469
date: Mon, 21 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Mar 2022 16:04:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 55ms
17ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c0424bf17c093260bb3019ccb6e24448532bcbf6b96aea97c039058af67bce54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27829
x-xss-protection: 0
server: sffe
etag: "1164 / 774 of 1000 / last-modified: 1647861146"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H2 200 prebid_2022_3_14_9_13_53.js Show response
anymind360.com/js/4961/ 288 KB
91 KB 27ms
20ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0e891d90fd990f2642959e9f11eb7f5158bb0d1403a50e3dd2c0d2a13732e02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
age: 232215
x-guploader-uploadid: ADPycdshc2F9nDI5T2JT5g8mp7MRcSgzBaZJlH4_hwysxG-fDKfr_i4JA1JiCIEATJjgibEek8PBPwV5FsQcYJtrcxoHqAapwA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 92356
x-served-by: cache-tyo11952-TYO, cache-mxp6930-MXP
access-control-allow-origin: *
expires: Thu, 17 Mar 2022 21:11:50 GMT
last-modified: Mon, 14 Mar 2022 09:13:58 GMT
server: UploadServer
x-timer: S1647873955.098833,VS0,VE1
etag: "707f3cfecc84f3bb23fd1fec18d737ce"
vary: Accept-Encoding
x-goog-hash: crc32c=EDINtg==, md5=cH88/syE87sj/R/sGNc3zg==
x-goog-generation: 1647249238540412
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 92356
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H2 200 outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 18 KB
3 KB 159ms
30ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 15:08:40 GMT
server: nginx
etag: "4885-5cc0a12ca1c8c-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:11:59+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 2617
expires: Sat, 18 Mar 2023 12:11:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=793599264&t=pageview&_s=1&dl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ul=en-us&de=UTF-8&dt=Permohonan%20Pelan%20Data%20dan%20Peranti%20Percuma%20Pelajar%20IPT%20B40%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1812195967&gjid=918407962&cid=883524188.1647873955&tid=UA-55620648-23&_gid=1563570202.1647873955&_r=1&gtm=2ou3e0&z=193905419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 29ms
14ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Mar 2023 11:59:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 156 B
132 B 34ms
18ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f88c354e9a9e14b8642be19f6f016658c812ffd019462cdde7d953ef294f06f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:55 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 89ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalsemakan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://portalsemakan.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1561
date: Mon, 21 Mar 2022 14:45:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 95ms
43ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aaaf19d843c5492519bd4c991e9d13375cf302b1c92b6284bf9cccd3ca0a048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19456
x-jsd-version: 1.0.1286
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"669-wGGgWQkPe87reTGXXUKEpRMh2k8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ef7795c4b900225-ZRH

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=OeQqtHxHUmxHek1NWWNFa1ZTdVd1SkJlb1dNeW1VZ1JWaEQxcmJ2aStLU3JwcEFNN2w2eVJkbHUzcGtYUDFtdHgveU5VZkFzRWZlaGkxRytUVTFjd25GQU1rSDV0QXo5NVNjNXNxd2ZNK3ZhMTE5b1REcURPOTNJUnVLWU...

350 B
618 B

54ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OeQqtHxHUmxHek1NWWNFa1ZTdVd1SkJlb1dNeW1VZ1JWaEQxcmJ2aStLU3JwcEFNN2w2eVJkbHUzcGtYUDFtdHgveU5VZkFzRWZlaGkxRytUVTFjd25GQU1rSDV0QXo5NVNjNXNxd2ZNK3ZhMTE5b1REcURPOTNJUnVLWU45Z1dvSUpIYVYzSXJTYldBUHAxbHpxbmF3UXZnSkRYdHJQYUNveVgreXN6V2hzampMVHZBb2dSZVMvVTNaRUFHUnVuazhFQjdRRWhFbVZpNHNacmJSVzRwYlFWTGJ6UkFnRVpzSzNaQ1FHQll1OWp0aW0xVmhkUG0yUWZVUVhLbGR2Yks1NHdmfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

94defb89d7c79c0784c0573d5f5c5960b8871e57ad966c85a56f254f4ed89477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2656
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
location: https://mug.criteo.com/sid?cpp=OeQqtHxHUmxHek1NWWNFa1ZTdVd1SkJlb1dNeW1VZ1JWaEQxcmJ2aStLU3JwcEFNN2w2eVJkbHUzcGtYUDFtdHgveU5VZkFzRWZlaGkxRytUVTFjd25GQU1rSDV0QXo5NVNjNXNxd2ZNK3ZhMTE5b1REcURPOTNJUnVLWU45Z1dvSUpIYVYzSXJTYldBUHAxbHpxbmF3UXZnSkRYdHJQYUNveVgreXN6V2hzampMVHZBb2dSZVMvVTNaRUFHUnVuazhFQjdRRWhFbVZpNHNacmJSVzRwYlFWTGJ6UkFnRVpzSzNaQ1FHQll1OWp0aW0xVmhkUG0yUWZVUVhLbGR2Yks1NHdmfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1865
content-length: 509
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 160ms
17ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=18959558286

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://portalsemakan.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 806ms
263ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://portalsemakan.com
date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 808 B
3 KB 119ms
21ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=387140&zone_id=2174606%3B2157226%3B2174614%3B2174634&size_id=2%3B2%3B15%3B15&alt_size_ids=%3B%3B16%3B16&rp_schain=1.0,1!anymanager.io,4961,1,,,&rf=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&tg_i.dfp_ad_unit_code=21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%3B21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100&tg_i.pbadslot=21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%3B21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100&tk_flint=pbjs_lite_v4.43.4&x_source.tid=24a1a96a-ddc5-4db1-9e1b-d784c784eac6%3Bb88b97c1-ec5c-4d7a-bda5-ff6f18c6e0b1%3B313f34ef-5ce9-4da7-bd6e-436b1037fcb0%3Baafce8e4-a438-43e6-8f48-f6681e845bfc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.8532816597158501
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3bb7f6d5828c9b945349223d6b15b2c466fa2a63d9720c852be5258dd8c738d5

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:55 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 808
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 89ms
28ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:55 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a7a51da1-5080-4faf-8745-4a8e7e43898c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
32ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 765bb935-f1e3-4df9-babb-1f2e2f6fabb9

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
32ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: a08505a0-5f84-4fc3-bd59-c38530399ec6

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
31ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 7230cb19-58f8-4317-9bfe-35c1df50a014

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
31ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 91097136-a829-4324-a29a-f8e6b72903c2

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
30ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 97c59bed-9ee3-4732-bd0f-1ef02b26303c

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 149ms
31ms XHR
text/plain 54.171.76.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.76.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-76-225.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 948fc15a-dc49-4f04-af12-83e04c6d8791

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
380 B 77ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=24a1a96a-ddc5-4db1-9e1b-d784c784eac6%2Cb88b97c1-ec5c-4d7a-bda5-ff6f18c6e0b1%2C313f34ef-5ce9-4da7-bd6e-436b1037fcb0%2Caafce8e4-a438-43e6-8f48-f6681e845bfc&nocache=1647873955249&schain=1.0%2C1!anymanager.io%2C4961%2C1%2C%2C%2C&aus=728x90%7C728x90%2C728x250%7C300x250%2C336x280%7C300x250%2C336x280&divids=ats-overlay_bottom-0%2Cats-insert_ads-1%2Cats-insert_ads-3%2Cats-insert_ads-4&aucs=%252F21622890900%252C21781000793%252FMY_portalsemakan.com_pc_allpages_anchor_728x90%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_res_article_below_728x90%252F%252F728x250%252F%252F300x250%252F%252F336x280%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_pc_article_right_sticky_300x250%252F%252F300x600%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_res_article_mid1_300x250%252F%252F300x600%252F%252F320x50%252F%252F320x100&auid=545707241%2C545687228%2C545707243%2C545707246
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: aad665636d201351d86d40dd0462fa9f663adccce5d3f5deb8dda782fbcdf34b

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://portalsemakan.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 337ms
23ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 339ms
25ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 337ms
23ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 338ms
24ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 376ms
63ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 339ms
25ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 190ms
103ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=713261&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223930c481258013%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%224961%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224051b6122fec2c1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396288492%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241bdea97b930683%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396223427%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2242af0ce686a02a2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396223427%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243235d5c637648%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222487813512%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22441dc0d7232257c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222487813512%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224584ff4374c5aef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222577361859%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2246b19976514d5d7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222577361859%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb83589a57c5a3e8c5f21ea3754e2eb9515e8370e5c126078c3c50601161a7cf

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.4], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://portalsemakan.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4510 13 KB
5 KB 43ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:35:38 GMT
expires: Tue, 21 Mar 2023 14:35:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F93 783 B
1 KB 76ms
14ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0922e73de7215b4f7d86657ea8d214da40c152a1dad266603f693ab16fbeb02c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IgBK/nIGmQ37gPSi93U2Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 21 Mar 2022 14:45:55 GMT
date: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IgBK/nIGmQ37gPSi93U2Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 65ms
20ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1212
date: Mon, 21 Mar 2022 14:45:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 151 KB
54 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0766e37797ed71aa16735a33a049c8e38950de648892e3fa64cb38e65af64e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54936
x-xss-protection: 0
server: cafe
etag: 9347305360392122244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 39ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECFF 76 KB
25 KB 423ms
421ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9a0b0b1d0bc792d6e2532ebcf761a4b5d7cccc4358166a25527bce890792dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:45:55 GMT
server: cafe
content-length: 25226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: private

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4510 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 10:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 10:37:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame FDF0 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 20 Mar 2022 22:52:58 GMT
expires: Sun, 03 Apr 2022 22:52:58 GMT
cache-control: public, max-age=1209600
age: 57177
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F93 0
0 59ms
59ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=778868720849184&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame FDF0 4 KB
634 B 32ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 13:10:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FDF0 205 B
294 B 38ms
10ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:08:55 GMT
x-content-type-options: nosniff
age: 2220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Mar 2023 14:08:55 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FDF0 604 B
1 KB 34ms
9ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 23:15:55 GMT
x-content-type-options: nosniff
age: 55800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 Mar 2023 23:15:55 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame FDF0 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 4666862433802105431
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:32:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D4D6 8 KB
892 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 14:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame D4D6 2 KB
904 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:42:28 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame D4D6 19 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:37:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame D4D6 2 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:45:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4D6 117 KB
36 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame D4D6 15 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:39:33 GMT

GET
H3 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame D4D6 28 KB
12 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:55:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 19:08:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 92FE 143 B
163 B 13ms
12ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:06:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4510 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vRJgDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 92FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

43ms
43ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Mar 2022 14:45:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Mar 2022 14:45:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E4C 35 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 10:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 10:37:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame ECFF 19 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:37:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ECFF 8 KB
714 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 12:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:55 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame ECFF 14 KB
3 KB 60ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:09:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame ECFF 355 KB
123 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:09:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame ECFF 15 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:39:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ECFF 0
0 21ms
21ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkvirnMWDzk5Zt48kNzP5hWGbagAFpU1dKFH03giHps9iXYMGlXaqTXHIY7AaEpkG-mi-3sNM9NsFyrSXtwwUFPHlP4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 200 admin-ajax.php Show response
portalsemakan.com/wp-admin/ 0
736 B 2055ms
2055ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsemakan.com/wp-admin/admin-ajax.php

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
x-litespeed-tag: f1f_HTTP.200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5olWqOWX592WWlOl3hZqPJZKe2PcnYSdz3DAqqKnlqwlrru8o14XFIrK89mD5JGEOXu5MOBOG6hLIdU6DkfOYjJQdLSH4XW5UdujIVMrWL5WitTEFT27SZ41d1vJhUI3LdRgs7NuXs7mxhjMn3kbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77960bce541ea-MRS
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ECFF 0
318 B 350ms
119ms Ping
image/gif 2607:f8b0:4002:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l10tlu2t&c=5208032787825&slotId=2604016393912.5&qqid=CIaA_-241_YCFZUSGAodYMcNUQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C44752538%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c00::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ECFF 15 KB
15 KB 54ms
34ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 499081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ECFF 15 KB
15 KB 52ms
32ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 503167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECFF 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CpUW-o484YsaiG5WlYOCOt4gFyv2ijWmsmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMByAObBKoE9wFP0CGQJzKNriAbWhHOo0fg7oDH9k6jyVHHclVg2KYI2oMRFmpYHCvHe673NGgXIE_Nqy3AKa-7hl77bk1e1bXUB1rmTl-ZTngypkE8J2zk7OoGXuDGet_uINkHFpLQNXCaM_9UL9z8sNGgg_wRdrzLcJ576ODbRIS4bioXo20nBe6QPU9lnF83eZDnDc0gGgI4NyjmsOzgR8lJNHAkvMdI3Nu3V33R11s4VJW16ZyZBXuEP023txejrDpLuzw97G-aJd_R63ydYv5WsIouRQ8V8by8AFPcdOur1likfm59FWFfxESpNJ1ma4K4iP4cxuLnEbAywe3iwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1647873955982&ai=CpUW-o484YsaiG5WlYOCOt4gFyv2ijWmsmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMByAObBKoE9wFP0CGQJzKNriAbWhHOo0fg7oDH9k6jyVHHclVg2KYI2oMRFmpYHCvHe673NGgXIE_Nqy3AKa-7hl77bk1e1bXUB1rmTl-ZTngypkE8J2zk7OoGXuDGet_uINkHFpLQNXCaM_9UL9z8sNGgg_wRdrzLcJ576ODbRIS4bioXo20nBe6QPU9lnF83eZDnDc0gGgI4NyjmsOzgR8lJNHAkvMdI3Nu3V33R11s4VJW16ZyZBXuEP023txejrDpLuzw97G-aJd_R63ydYv5WsIouRQ8V8by8AFPcdOur1likfm59FWFfxESpNJ1ma4K4iP4cxuLnEbAywe3iwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame ECFF 28 KB
16 KB 173ms
83ms XHR
text/xml 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BKfF1H7jyPtSp8-gHuU-DytPcdRZFWiG843HV092FLy5o5xVbsYalgW2QiGMP-vQxZ5duW0905eOUqiMJx3ikErmTzbw&cry=1&dbm_d=AKAmf-C0uvEEd50YEDwZ9Dmx-p1OnygHqpwgW36Rf3yHeYR2GQnUOWHhNKu6NjbY6StSCSFhPp1Zi3dxDI5wFxtaS_Q2iTyPiVHlU8T6eISYjx8re7C52Pbl6NgecjmUvG5-tPoz6rVHSiAR-PFnjjKcO0GYRJoyqEwPfQFauVPj_rhOe04j1NSXn1k9Bt3lgFwhkbfJ2D9fO8LZRuL9W3igQSLWKx6MxNKpCOtNPPoX3gNT62yKfrcKvuBsqa8Lrb4LnnD1EWjgMf1LcHHFymuJP4gSqXwnsErgEYX_38Yw-FBfbEb-P_15h7KTu9udgHpKwuXvnzXCRSZgbadELzzaRD6XG9O4V90FoczmFUbgWR3lA32N7HmLLVjDvpqb9zdSfxlKyxU6ka_Ot7RhhkQqMO9mfvdJBoUMAI5qVeU1r64h8JCLtk-cHS3iiLhtG5Xnzoaebo_tZb8c9xIUEYHNaOJ_IPJ2k4G3mdeuAoKXQGDp8CjlkWBvi2oFx-h3MgPVMdsoIvZkbvySPjW4MBiq384saEkJhhTdkJ0mlPBVX44pkUb_Jkxrr0KNGQiwkvufVDtoZESf85d--AXEmf90_0x2DtiM4qOFLmncqLOUoW0jtMgnFyuM3NZYCusA_a0MnbIdA1jVuRpbBBDKTRTR7yeRX6ibYGVXlZyXyu_Zq46E-4oe7hsD_ROzfvw7PYCvn2fY8pfIzRovC3WeOTl2vleMvSWeooxxzSPEhn5S1D6_eVT0b9TgV9kpWp3GAR7IbfM1iSGtyX5cRDyiSfjQBHuWekhvhbHh8EejT62KwY_ThZYO7uLX8wEiRZWhBALkzUpbmdnMpIsN_zC7YFvHpfE9O7nnEBtvKznjW26ErWw_p6PhTo7k8Ouz5d52RHBNnoFYFS8mNFdHHQRZDpSwynguouH6J0gnWnbcgGZ-y9I5YdCgZNo0XOu9KWqVqGkN3aGQYpTDKpKHR-9FvVsTA-xkd68bm6TeG1h_Sf1962jYRW5-uhV1yom6t1H3N3ViHBjpBM_NLoohL3zsylhULlZCWrzKSMrRIihiIEeexLqcOKg0ag69gXMuuadjf_9BltDwYw9O4RM_KWhs4ZQeu6ULcpWLLpsgNY6XGzugOVR3CM-rtwKKrx-1HYbDLSdJX8p1a54c8wKFCVZLHPKRp9V5n7AKALWNANtE7cyuDco1hHDkMbmGQF1OBOwLv03AMbX4_XfMIO9r6g0jhd7zmfXh4AV6lOYeE4aOpsXw2qb7HOJ7hON1auWTKDhKfiQ6h1Asv6SsJFTF7utpzvmSRrS9rDYks9c3EpnzZxWl_MKJfHEntQFi5kEdG1-C1vmu9Plw53NLvcU918iksOKXViNhTHrKtU9r4J55aHGypNBNg4sZufH4MXDSkJA9LER5ZKyPFTUbHPUKx4L16rEshQItfNhur4Bhn8cgoBYbUZJxaXrln3WGilqux6X2usf0IG1CqRAe1hm9DOcloaRRL0yxFd91IumgaXhsB-TQLO82Nj109__hXSNqTo3ZYvKpsbK1GbOSQ_aEn0JzodNPw1sDBmQ5M_Eau3ofdVAMN29pZN8gSV1WokOv9a5y864Z6_-u_wwfJkhqLz3pn8NxsjErpg7ddT4zHaCqihwq7bkYeUUqSDxaMVGdLzKuGbr19PpldrvvKLyianiCfUyLZYQIkMWhG5nilnz07bkR2HFpbz_4ELHERFCK6ekRD0HD1UqejZeJGERr4l5Xna6d1LSBiv-Fu7hoNBL3jK0x-rbPDnHTR_mlKLqLJBtNbQr_um6F4NafsFZXHjzSf9yGUPXJ42SXJXEEKktDNzxjHu8QM6b2BV-qq4mkdIW8nJpqVlAkvXe6rYtbWQQj94SwB3jhdpQxnCh3wYwMHAzvXKiGMxUwqESwavOVj8vD_Rd0B4RxaD1VR0Yfdhq26E-DGb70_J2LvsOw2_hi0NztIwRXa7HxItm21jhHJJpnAKE8mY8j_eGm2eHf362eGH4cS-BeCRn7dvnUW8e2kdjx4tNaYlgNRXw40stZ9DDmCPZHGFsDwnnIbT8SBkZQEZLPR0ntDuu_ie_KHNwsyhPD7Hz1YGsmrHwywRhu1UmqFS3TYL73VME81EvHb86Ud2a-Q3_6NWjp5Q8WpxUCmZpN1DfSdTruJyxxlrLsy67EG_XlbcDsMZEAkdRreScYeUA0r9BNBfJZhBgVB8hjGe1kNgqPIcvb7NNtv7xKn9ciA2rLhv-VEh1kGPRYL0umyw6z5oiBy5kNVt6iq4fZgYZ6NB-186_rHmY56j4DiFH0Ljdh9bbk3S9xQa8kug0iTR4a_K1evWxwDfeERhykfQLLzmE8iWGgzIfohCMbTvzxBu2jKYS8L5199392l8ObadDiRbUlmlW2bWmiKJTltI-udXCyO8qYGCMWjf8WNPHV2GqLtkoHWNNpWlc8CxcupnSzs8hdTLVz4I-zuyv3_IaY5ATXjjC8ZItmq6ki8GVxrrrowi6C5FGB24LzS6bBTV4I9qBwbBZuJNATXmmIwvthnwnOI2iqASkW5wOfGetSyfNobEss1Mj6SaGqCf3ga47KGWogZQGnapQQ-x6TtdXhyPCUuwV-0COJgd-3c_2FF-yJfCY2Xb9DcTIz-yb1YVzP4EWyW-T-ewZS85dnv1ycqZy4UU6WxP-jJ7I0T5o1xWQktESlVAyMy_fJcfCbThKWytKFKqiqgJISJRUaFfJjBnrgAp1kaUz-qdiEFUxLY45KN5unzWs0bgBv5TpF08HcrnV6f_iVAvvZcl-vPt8CGATLHNUe3qh9ZBlEesm-DWIKYGA92zgBlZDjbVz4LUZiviySH6wz662UDifykMGYu9ckCdv5RMw-5fKmlp2stz7a2qi8gn7amDAsl3KM8b8a0pymWnuf9TN1DzMvzv5UpwnwifCjHz0HhYSjb1zCPkUseITYzI06tZ_FfpADvHU0OloKJ6zIlW5px_CP32SCR8CCm38jtx-ohgI_gWW6Ol2IJAHb4bDLDAtecyIxzy7D0KcfCnMSB3X1ZeTBMh50voJ-11hL86kUbXPs6txhudUo653wD__lM4eEEjYGzZJOCz8bcj2jgm62gdsKBwWJie3yTitWyoMw7ljn0rfpY-t586XtIU-zXfUyiAjgdDRsNXfHE-ZIIiwNFuX9ugYn_BEfo1kOsrK3L_20bgL9qijgTG2IpUc5Ovm6pUesOEK5D71NrQS9b5aF5TndEIeA6me6M7GE7PeW0zq0exMG7tokBxlpA9wlkN3F7H2hQ-NyQwhh8aObDQPeyCS93XURMQaWmk1P2IvgjzfcWcPyVpX-vjbH_ibWr5JS2DMMBgj_FiGkfDA5pTJxfOfKxYEVACAoM5zuSjogtlKoibhmJYMQ7-wkaCRQP0AvEG1Tbx1UiyOCSq9OmigdOKpe99pjGDsjhhcbTASm2P_V3Jzb4GY3wp6oOoI-B5dOOjTt9RzqGrxjvzrO9qIG-0E9xH_EaYhJH7A5hwnpmAegUpQ0fCEPTbNxV3IbpCaRDrI9hmrC4H_ZPo91mqAQwU_polOJVEObIOHahugVJQAlBgr2fNW59ko59yvM&cid=CAASJeRoSmGgRwisVYgkYuIiW0BC9yqAS1UNLK2mLUqk1e71Lcqs2EI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

7081cfacbe89525348dad12703a69c9120032039b50d3779f60fb9946febef5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15561
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ECFF 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChUsRo484YsaiG5WlYOCOt4gFyv2ijWmsmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMBqgT0AU_QIZAnMo2uIBtaEc6jR-DugMf2TqPJUcdyVWDYpgjagxEWalgcK8d7rvc0aBcgT82rLcApr7uGXvtuTV7VtdQHWuZOX5lOeDKmQTwnbOTs6gZe4MZ63-4g2QcWktA1cJoz_1Qv3Pyw0aCD_BF2vMtwnnvo4NtEhLhuKhejbScF7pA9T2WcXzd5kOcNzSAaAjg3KOaw7OBHyUk0cCS8x0jc27dXfdHXWzhUlbXpnJkFe4Q_Tbe3F6OsYkpZZjWWv6i3f08UcymdhJ4DqOL2MtM83nnlRcB-V6H_QHOsxV_Z8KrRarH8QrMJR1ci6DDeQEz2v4bABO3j9b7jA-AEA4gFoL659TuSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ49tIGPys98EB0ggJCIDhgBAQARgfgAoByAsBsBPE0K8OyBONlafeA9ATANgTDYgUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi05NDI3MTQ4Mzc3MzMzMTQzGAA&sigh=69bInYrZoyk&uach_m=[UACH]&cid=CAQSPACNIrLMXBvGhUwX2O2RmqO-hHrOygoxRfjUYllEQK6yBBfskCuGdtCbhghcA7FjcG1ONCW4vlvWJvW61Q&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Mar 2022 14:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4482 1 KB
749 B 11ms
10ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4784
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame ECFF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6ee554a0005533662357d171f607619ccaafa1f24ab629b539c7c6d6a63fb67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 463ms
462ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=778868720849184&correlator=1826063438534254&eid=31065672%2C31065516&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_pc_allpages_anchor_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=2963130588&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&abxe=1&dt=1647873956063&lmt=1647873956&dlt=1647873953401&idt=1891&biw=1600&bih=1200&adxs=0&adys=4&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=728x0&fws=128&ohw=0&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

05fd58bc7fe4e046c8d8ccad8c11e91978605696d33bb1338965233e36c45bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 212289
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12340
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327869
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 486 B
284 B 290ms
288ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=778868720849184&correlator=1826063438534254&eid=31065672%2C31065516&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_below_728x90%2C728x250%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C728x250&ifi=6&adks=1272540897&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&abxe=1&dt=1647873956073&lmt=1647873956&dlt=1647873953401&idt=1891&biw=1600&bih=1200&adxs=291&adys=5479&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=668x0&msz=728x0&fws=128&ohw=0&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b0e2d4bc90ab81c20517135a48aa2ed5d8169260123605fc85220524765a0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 569ms
566ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=778868720849184&correlator=1826063438534254&eid=31065672%2C31065516&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=1383592160&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&abxe=1&dt=1647873956078&lmt=1647873956&dlt=1647873953401&idt=1891&biw=1600&bih=1200&adxs=1600&adys=1200&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8fb7754cff2ea5b30b613e4f37242efe19c0591961f66f6456e9d2d1f27168a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8447
x-xss-protection: 0
google-lineitem-id: 5943277188
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384451135
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 486 B
287 B 1164ms
1160ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=778868720849184&correlator=1826063438534254&eid=31065672%2C31065516&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_mid1_300x250%2C300x600%2C320x50%2C320x100&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250%7C336x280&ifi=8&adks=1412468635&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&abxe=1&dt=1647873956086&lmt=1647873956&dlt=1647873953401&idt=1891&biw=1600&bih=1200&adxs=291&adys=826&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=668x0&msz=300x0&fws=128&ohw=0&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d67ed55311ad9bea0dcc7f8474c61cae381ac9a5e8f0b7b0170b5b8129a2e1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 482 B
283 B 951ms
947ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=778868720849184&correlator=1826063438534254&eid=31065672%2C31065516&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_pc_article_right_sticky_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=9&adks=1639631207&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&abxe=1&dt=1647873956095&lmt=1647873956&dlt=1647873953401&idt=1891&biw=1600&bih=1200&adxs=1020&adys=778&oid=2&ucis=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=330x0&msz=300x0&fws=128&ohw=0&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

470a890b82200c4cfef6d1efbafeda1895e58fc4ce60c18fef4f54a0fb762af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD56 6 KB
4 KB 130ms
27ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Mar 2022 14:45:56 GMT
expires: Tue, 21 Mar 2023 14:45:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4482 35 B
465 B 92ms
16ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEPPTWWgHRdu3nc3WZhfMI8&google_cver=1&google_push=AYg5qPIBjE-ajm-c5PwF3XWN8rBi5vALKuaowqvhFbqLs_XylSCaOr8oUXf4hcxQtCPsu6LM7oxoGr1IoV3LBEp0GkWswgzyA1HU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4482
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEL3px5npRmb7PeCa0dL_8H4&google_cver=1&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX&google_hm=Q0FFU0VMM3B4NW5wUm1iN...

170 B
188 B

74ms
59ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX&google_hm=Q0FFU0VMM3B4NW5wUm1iN1BlQ2EwZExfOEg0

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ16Iy10Ho8wxpks51IimNj4L3dmbed5MCiq6FOXXvmY5u6-BqxnpNmztLV6qGWiMeXFAEBOTXja9GMQ4UD4QwGP2qXejZX&google_hm=Q0FFU0VMM3B4NW5wUm1iN1BlQ2EwZExfOEg0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4482
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKrB2-dH3jR1wOd6PW5mqwsUYYQh63KHdGOGJuRo0v9A85Xl31oLw0jI4kK3xUW3GFC_GgCWsgCQ7HRtDoAixWlgnT7loU&google_gid=CAESEPDY8j_eU6Wj-aOgxPm5dIc&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKSf4pEGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLckIyLWRIM2pSMXdPZDZQVzVtcXdzVVlZUWg2M0tIZEdPR0p1Um8wdjlBODVYbDMxb0x3MGpJNGtLM3hVVzNHRkNfR2dDV3NnQ1E3SFJ0RG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbFF0clhWWEVFdXM5OGNncmtNU1hhRmZkMkY1Njg2LW94TDNpUzhOSXlEdw==&google_push

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbFF0clhWWEVFdXM5OGNncmtNU1hhRmZkMkY1Njg2LW94TDNpUzhOSXlEdw==&google_push

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:56 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbFF0clhWWEVFdXM5OGNncmtNU1hhRmZkMkY1Njg2LW94TDNpUzhOSXlEdw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4482 43 B
351 B 74ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE0v4b3ww1m8vW1Vkb1aAds&google_cver=1&google_push=AYg5qPJNmg2Xv_xwsieCgJ1Kak6QkTUQOek70dFqMzHdGWrbt0wG4dReimeFNbKK8UhfGwTE5XBGQEVApQ8CHvV6Ya985mD1xSgm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873955&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873955386&bpp=3&bdt=1986&idt=3&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec35bbe01f3749a8-22e3191562cd00b9%3AT%3D1647873955%3ART%3D1647873955%3AS%3DALNI_MZhyaZmZ_o6ahkdNth92Re90PA0-A&prev_fmts=0x0&nras=2&correlator=1952985218076&frm=20&pv=1&ga_vid=883524188.1647873955&ga_sid=1647873955&ga_hid=793599264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760475%2C44752536%2C31064036%2C31065470%2C31065516&oid=2&pvsid=778868720849184&pem=954&tmod=1858591774&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Zjf1FmdVTi&p=https%3A//portalsemakan.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jt6t36p844ltnnlpp7ajhpkh9elgakkg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4482
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJolYY81Ba2TKMyEMY6nkBUA42J6DFgWemIrnvSjO5CrJzlTzWPC6yk3Cw-_xtsHuyTnV2tIsE_nkcQ0vDGTenkN0srb-_M

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJolYY81Ba2TKMyEMY6nkBUA42J6DFgWemIrnvSjO5CrJzlTzWPC6yk3Cw-_xtsHuyTnV2tIsE_nkcQ0vDGTenkN0srb-_M
date: Mon, 21 Mar 2022 14:45:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4482
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOHVSCjuZX_lkEhfUAXFwDI&google_cver=1&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS3BQK_D7rfSrKnX4pQJvFOM2s

170 B
188 B

94ms
59ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS3BQK_D7rfSrKnX4pQJvFOM2s

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy&google_push=AYg5qPK8rQuQMEyiAeB2xdRQOatHKS-iX5t8jtKRXfK1WydpaQfeWWLCV4SEoH-lRC7YtfBoTXS3BQK_D7rfSrKnX4pQJvFOM2s
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4482
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58y...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4482 0
232 B 82ms
19ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHnDjsnGDSLHtZIbqrvXhsktF7Ha5UvMgZCP0BRtxglEOK9qQNwk8Fn62vjHfmgSHPFP3p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame ECFF 41 KB
15 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame ECFF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

203ms
19ms

Fetch
video/mp4

2a00:1450:4001:6c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56299D247D1D0BE2E33E8C1DB49B5FEFC4D673DE.184DCC2AB8342E5774AAE82C2F45467584F6E9C7/key/cms1/cms_redirect/yes/mh/I4/mip/2001:ac8:20:3b00:1011:42cb:9e3d:4dee/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1647873644/mv/m/mvi/3/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:6c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:56 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3709192
Last-Modified: Fri, 11 Feb 2022 11:48:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 21 Mar 2022 14:45:56 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56299D247D1D0BE2E33E8C1DB49B5FEFC4D673DE.184DCC2AB8342E5774AAE82C2F45467584F6E9C7/key/cms1/cms_redirect/yes/mh/I4/mip/2001:ac8:20:3b00:1011:42cb:9e3d:4dee/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1647873644/mv/m/mvi/3/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
304 B 133ms
120ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1647873956202429503410&uniqId=14c41&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa4-0fd7c&pageView=1&pvid=17facf1196b9fd4dd23&site=765693&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef779626d1c9bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=778868720849184&bg=!DA-lD0vNAAba2mK92to7ACkAdvg8WqtN_BtiwDIri_cS_R5AkNA7PccUfn802rw1HNFDyEx2DtUDowIAAAC-UgAAAANoAQcKACT1ooXza6jTlbvdKst97_UU_ONhQosQ01bwgsM8rnizm5g_JaqZAu5zWvbfZXmeYzNcFjyxEd2KvfomMTVXRXIoyyDoINYCsQhBbj-GmW8yjrRnc2Y4Ga3CsoaLp4cYx7o8fEH5oopExG_3fQtKvWZHhemco_YnMld2O0ZZXXIJ-mEe5jZUrnIUwCxSrVw4axp4s1mEn0in5uHA3r0UlWju-deqjs59Wn8WOZ3nEm_KcLn8-5ojwvfshMHVf1v9m_Yfcee4J0-qL8cNmxIzoDrdRSvvH9UiktlxCXaDXd_jb1oQQHg43lK2InIiEaexeZoNrlaQlRLUqyaTmWYyyr-pUh9JsasJb6nPbdXNh_NifPhHV7Xd-eOtDSqpkQ7OgU8e7CFJwfLIJeFV-RjRYUR_cBGbgeOcPmC3_7OCmikElN2S3pwlEZf2UjyrAqFdjTB15xZJA5VuIXcxcaZqdE1qak4mCxFlZsvSExxAo_pNRKbhkJlF1T42i4-jE63XPvJKutpsjiRmD3HdJzofy_asHKqPiCxC1Cb7PgIcHmOS6bVTMc_gSHZYhGaQW9PGqM-SzByA2lfOlLn3wGogCNlOv16mfP6jRijsqu_XBScn4pPd5jNzJAy4NNRDfGySgsgsbaOxe6sZ5Dy322uK0uIMRHfMmb10DDfEjefsRCViv9c3FS0lI4dNPyEIcJTl6QgMii6Rirqyw0My3g7GcIgQDNEU9vJNcK6QdP2ivipQiJGqs04BsgHc4SL4fQWLnoMQKJsEhZmnCArEwbw_6Lm3Tfc1YvLxvt9GS66VJfTNNB35p9-_LfOFI4nvSFpFXgW3WlJUrxrtFNlxrBtQ7uNVpbXfAm30mC5H7ZfXwySS-Cg3vuQMZBysvezBE8QtX5R41CSNasphw5xluirfJ4j83Lfraz2DxJjtahd7f2W2JpUVjW6qwoyjl0hIBeeTxcKjBvprnznE6BJquxRKOAjED8k-K8_MtK0lWY3jvOBamdHFJzPwKsVZgtDTi2P4YbYzEg1kcIFRTBrcWWKrWn62375pcMM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F2D 23 KB
9 KB 48ms
47ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 07:29:48 GMT
expires: Sat, 18 Mar 2023 07:29:48 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 285368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 85ms
35ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 3428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WYJFAHZEWX29G5P1
x-amz-id-2: 7OhnRNS5qYiPixt1bdMACoBnVA6U2fTn+4wxcph9JgZ8A6Wf5wu7tffo1ahPOZVgwaHgPHNZELo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef77962cf725c74-FRA
expires: Tue, 22 Mar 2022 14:45:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 88ms
37ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 2349
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TAP7D9AX42CTQWCM
x-amz-id-2: yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef77962df7d5c74-FRA
expires: Tue, 22 Mar 2022 14:45:56 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1233814/ 12 KB
3 KB 97ms
66ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1233814/1?pv=5&cbuster=1647873956302896235886&uniqId=14c41&niet=4g&nisd=false&jsv=es6&w=668&h=2894&maxw_6=300&maxh_6=250&cols=1&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa4-0fd7c&pageView=1&pvid=17facf1196b9fd4dd23&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5309c495fd3d3026ac1ab1ac50bc344001a3486a21c131b5fbad65749b3106de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef779631b715c80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1233564/ 4 KB
2 KB 86ms
59ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1233564/1?w=668&h=261&cols=2&pv=5&cbuster=1647873956303470714267&uniqId=17788&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa4-0fd7c&pageView=0&pvid=17facf1196b9fd4dd23&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7814d67b586ad36b03c6c24ee7b22e0f1da7f5baae961e0038f6271614487ae9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef779631b735c80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F2D 36 KB
14 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 11:18:50 GMT

GET
H2 200 outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 18 KB
3 KB 59ms
58ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 15:08:40 GMT
server: nginx
etag: "4885-5cc0a12ca1c8c-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:11:59+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 2617
expires: Sat, 18 Mar 2023 12:11:59 GMT

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 24 KB
3 KB 59ms
59ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 08:55:19 GMT
server: nginx
etag: "6184-5cd0a5f7ec588-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:12:00+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3405
expires: Sat, 18 Mar 2023 12:12:00 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 51ms
49ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 3428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WYJFAHZEWX29G5P1
x-amz-id-2: 7OhnRNS5qYiPixt1bdMACoBnVA6U2fTn+4wxcph9JgZ8A6Wf5wu7tffo1ahPOZVgwaHgPHNZELo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef77963e97a5c74-FRA
expires: Tue, 22 Mar 2022 14:45:56 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 52ms
50ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 2349
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TAP7D9AX42CTQWCM
x-amz-id-2: yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef77963e97c5c74-FRA
expires: Tue, 22 Mar 2022 14:45:56 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhY...
s-img.mgid.com/g/11739844/492x277/-/ 28 KB
28 KB 356ms
247ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739844/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhYmVlYWIxYzQ4ZjM5OTlmYWIuanBlZw.webp?v=1647873956-tiLfZAvGfPSiuat8xi1I_gTgx56PQ09B_F4_csPlsmY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid: dda178ff-cd4d-4eb5-8557-7397e7bd1de8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649b9792b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28782
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTUzLHlfMzYyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmJmN...
s-img.mgid.com/g/11739858/492x277/-/ 10 KB
11 KB 335ms
227ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739858/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTUzLHlfMzYyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmJmNjA4NTE0YWE1OGY0YjExMGIwOTZkNzc4MzZkZi5qcGc.webp?v=1647873956-3GpdcLjiWNCv1gsxynfB_85R9AjiYMkw2kV9x9Mhp3Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3d3b69af70099e96d03640dc42a6940e419d81a29a9ca545330163e0bf08e0

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 8efbe1fb-1bb6-4811-8b0e-c332799a1bd2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649b9b92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10314
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3O...
s-img.mgid.com/g/11739867/492x277/-/ 12 KB
12 KB 569ms
460ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739867/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3ODhkZGI1NDRmMjc4Zjk3MWQucG5n.webp?v=1647873956-mUEk6it7KsASLZ56nT9jkLx80fcrJrMrPWPnbnR_cS8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: c31d02b9-526e-4672-9614-6b257a334b7d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649b9d92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11924
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzY...
s-img.mgid.com/g/11739843/492x277/-/ 14 KB
14 KB 564ms
456ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739843/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzYmRlZDMxZWFiY2I1NzI0NGIuanBlZw.webp?v=1647873956-wxhhCfA7jJrLJfhYzywVtxQqoC5D4DQmqla3JNlgAjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: e6f2ba5c-da0a-4dd6-9324-d219464d4843
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649b9f92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14164
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlN...
s-img.mgid.com/g/11739870/492x277/-/ 17 KB
17 KB 596ms
488ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739870/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlNjQzMGUxMWJiNTA1MmIzMDkuanBn.webp?v=1647873956-m3jDQl2FxVGmZ7O_RAXuRhNyRp5deQXT1cWZYpTVWD8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 9a1ead08-129e-4a2a-8854-51d7d28ca53b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649ba092b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17578
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmY...
s-img.mgid.com/g/11739835/492x277/-/ 21 KB
22 KB 576ms
468ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739835/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmYzE4OThhY2IzOTkyNDAwMDhiNDRiNzAxNWQ4Ni5qcGc.webp?v=1647873956-5Z_Oq0TfA-KAdFEIHJ07-B5_eOG7p8zNGoLV8CKL7MA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: e368df64-31dd-45da-8c16-ed0a883b7ed6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779649ba392b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21954
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZ...
s-img.mgid.com/g/11739866/492x277/-/ 12 KB
12 KB 500ms
499ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739866/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZjQ1OGI5MDJhM2QxNmE3NGYuanBn.webp?v=1647873956-bNBuIRu1wvizIYvIvb3EwjzGgcZbf5pPLP6CUEPk3m0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 2f3a5d94-f8af-4a58-be32-70580c9874d1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cb392b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11784
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmM...
s-img.mgid.com/g/11739859/492x277/-/ 20 KB
20 KB 257ms
256ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739859/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmMjA4NTU2ODdmZWI5MGU2YjQuanBlZw.webp?v=1647873956-YO5NAyq90lKA-ghX1Fvt12i5MyQn1qJ7TmchamC448Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 2a1ee193-93de-41d0-bba7-1baa373c9dbe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cb492b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20140
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTgwN2JhZWYxNzgyNzVmM...
s-img.mgid.com/g/11739869/492x277/-/ 13 KB
13 KB 454ms
453ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739869/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTgwN2JhZWYxNzgyNzVmMjEwOWQ2N2QwYmViYjMwNjUuanBn.webp?v=1647873956-bBYcpDyqawcgHQzlAVNASHXwaJ30CMgUU6Xhi36f8Zo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f823ef4f6c185d8b947f81f6908f0c8bb8758a96fb5417cc1cdef669fa7f2664

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 84757a10-0d26-48bf-9807-66840ea6e0e4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cb792b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13178
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2N...
s-img.mgid.com/g/11739842/492x277/-/ 13 KB
14 KB 245ms
244ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739842/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2NWU4NjU5ZjcxOWZiMTFmNDMzNmZhZDIyZTNkZS5qcGc.webp?v=1647873956-3jb1t88Jwldhrqeb1fQ17r_7tmVlx74TZuPtQ2coLho
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 0be925ec-4699-439a-93e1-d62b63ef6aee
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cb992b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13508
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZ...
s-img.mgid.com/g/11739872/492x277/-/ 32 KB
32 KB 686ms
685ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739872/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZDFhYmE2NTkzNWYyNDNiODgucG5n.webp?v=1647873956-gckA3Q9rAViP-0LovDWDRjx2kS_4LeRjyo7YI-Gs9Fw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid: 7a6fff4c-0b71-4c51-8a8d-2aa1add3fdef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cba92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32530
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZjI5YzNhYjIxMWVkYjZlN...
s-img.mgid.com/g/11739871/492x277/-/ 20 KB
20 KB 472ms
471ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739871/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZjI5YzNhYjIxMWVkYjZlNzg5YWQ4M2VhN2Y1YTI2MDcucG5n.webp?v=1647873956-I6wbXctptdaf7X4PB0KaamiYBHDcRrc5g4BvhIhFujg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754d79c32d86a3d7b2ad327189b991f978f9c1c6f41f9bbea98eaa750aee9c93

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: b93f3694-3523-4fad-9665-30935513e0ed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cbb92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20540
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyN...
s-img.mgid.com/g/11739834/492x277/-/ 18 KB
19 KB 246ms
245ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739834/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyNDBhYjIyODE3OTJlNThmZDQuanBlZw.webp?v=1647873956-3gNcNYxMfCoSANSt_Qcm4IJqndlE8Fa-CmusJdu9uiU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:46:41 GMT
x-mg-request-uuid: 2a0b65c9-41e0-46ed-9bea-a01d0ff54e97
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cbc92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/492x277/-/ 13 KB
14 KB 459ms
458ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739864/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1647873956-QqqX-yuTh9adUfZ5PNl_19gQQIhu9pp3Y5lhy-uFfLc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 743c1514-e543-413b-a79a-b9fbf26b7663
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cbe92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13774
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4M...
s-img.mgid.com/g/11739876/492x277/-/ 12 KB
12 KB 439ms
439ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739876/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4MTljM2ZlNzU0NTE2MDJjYjUuanBlZw.webp?v=1647873956--jdvB-JCl4o8YxxD-oTmHdgwP86o7oCulU63vPQtnlw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 3a695d0d-faab-43d4-997a-20a9ce3a58cf
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cbf92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12160
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYzBmM2FmMWY0MTNlOGIwZ...
s-img.mgid.com/g/11739855/492x277/-/ 22 KB
22 KB 464ms
463ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739855/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYzBmM2FmMWY0MTNlOGIwZTIyN2NiNjk0MTdhNjAwNzEuanBn.webp?v=1647873956-A-KlHL6TnfljPgbcCLJ8MNDUq9ohWQ5VopduUThW7jA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2386b29d423527b0f402a0c9246348c320d174d94a364339f81562c4e6dbda9a

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: c34e91fa-b0d1-48f3-ad3c-74b3b4a70075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef779654cc192b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22330
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F2D 0
20 B 48ms
46ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOZPypI84YpfPBpWib6uendAPAAAAADgB4AQC&bg=!f3ylfDjNAAba2mK92to7ACkAdvg8WhYVPgFNa6XDXFBYUHGO8IRRP1e5dNs4V3In1-2KxMMyiKxCAAIAAAC4UgAAAAFoAQcKAGABHwgWM8PexRmmimd6N0WUIwsNaIW5VdOCMl2sGjjeqfZNxb1KscCZ0AOnSU4HBBGNHYW_KdT--o2fwrldxO-bzVbg16aivTHlNliMSDCwcme9jV1JkD5bt9zQGiF_ySSZAwq34TIuiRGC6dPJR7_LIsED7fEcLM_cF-J0V3UJICDyqU0SD0Stg6gnRMNJzg3zCpo4Q2Q9l07WQTOFroRg-UfaZXg7rvuTIm4pTl1KvILYUSRF5APhF2h-MZ5rXnw49ZvCAIIyIZ5zJpaTDlPPh-P-P_xwAj_-JVLss-dlJCb5pw8Q5MNrP4M2DeVQmL9On1u1WwCyPIme4iR9RG9S8E_KRUsVFAUgg3VwUqoTlMbc-9D_s_uwcBWW8SHmqYcI8N1XwAYtVsb8dBF7jb3wVcQCABZD4TSM02wXgJzCv5DQZ42AVmY18hrjrLavLIoWdNiUOnbabPpFN68-UIa1DKI7wCT10ECBaHeAveyJ2EjBnZFUGyyQqR3XMT_9p7XDmgBZctWYppEDFz0D7wlA8h_8yuWXfCcdIEotru4Z0YVp3f8SeeDmY1WmIB7N5q-1PcDMlwft6GBCDKghO4-z8S27ng0416YDdK5xKx0vAgPs5YTSH0PFK2YJURtk3GwKxUJ5BrRK9-gh0q2mHMHGc0V2qbNHyUpBJR3R6MYEbi4DsBVswHYusGdh6ad5W1rptHxPHFoarKmC6MGHd2NntQ0JzcTMjVh1DkCNe2Bfys7AiEgbKMvtJa3KrwriRv3YFNJ9_ggzgWX9bg4JHpL3vqz7IO8FaRvvww1_lNzGzzF6LCqb_kXps9-sTEUKsyAeHAhjgifA1PDalvArDV4ubUCUXtiyXIBJzPOm25XxWl4-eJpPFVi87zR7ruUDeCNOGo7eAKwwgfARuT9RRIwks0ucFalJdGnVg3x6cdO8sToMFuS6kPWxX8_or106jcSCWFZZEq1O8xkKTO7Jdw23NZGqM4nsqEL2mWCCLXVUwifAxWJeQ-TQ5J8OSIg0ivVLdlbLJgqpqS6wlzKTDvmFHF0Q1T1_ZyMoQzVHgpf9z-KvI9LNFM-HJwBuTTXckIHQBwoLx2IHcBZyHYlc6PFp0XQEXqxaulmk8_kRg0SK9UpIvcl1u1me8jZ4vP_LGUSJ3LS2kJiHg14T6C5u

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A236 6 KB
3 KB 35ms
11ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:45:56 GMT
expires: Tue, 21 Mar 2023 14:45:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 i.js Show response
cm.mgid.com/ 0
113 B 144ms
127ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1647873956584349442569
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ef77964ce4c5c80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 206 file.mp4
r3---sn-4g5ednsz.c.2mdn.net/videoplayback/id/7327b6434c055109/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409956/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame ECFF 162 KB
0 25ms
10ms Media
video/mp4 2a00:1450:4001:6c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3709191/3709192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3709192
expires: Mon, 21 Mar 2022 14:45:56 GMT
last-modified: Fri, 11 Feb 2022 11:48:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 6CF5 0
62 B 132ms
130ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1647873956602920095546
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ef77964ce4f5c80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A236 0
0 68ms
67ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJK0dpI84YsnCFYfMgAeAj67gAYbK5Z5chIHg9s4CwI23ARABIABglQKCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4McgBCeACAKgDAaoErQJP0EIdnzuhBODzbnUq6eR6o6g6G6J15rw2K99f78RCw8SFUgZCJaHWHKGYMSL4Wk-2cqG4MTnqjK57ZoNRpJpHnUKU_4MYJmcufERrOPNchCmE7P95cRQAS6hD54ya5fkYIfembwpvjOiwieIqqV2w5TIWDqvFG1q_gJK-S-zyS5pIj8AjV7cs4Ffeh8AFezHJSNpdUggRZRsEcerRtfuCPI_9KRXwYZqV6VZe9meqSnWW2ZGsvAzMPILFB4ZFGITdUzEDD9dkbsceZvf1qtyROooQAYok2UOMZCgiVJsUwF1jxJsy0LEHRfLR1Z3_Uga_AHDIJe5qKwj5umrILbzY2DR0a3jCkZnCj2jEWzY4_sO_oSc3YaR64LU_riPdzCXv9-yLDNaBh-QoLOic4AQBgAbZ0ZLlj8iA8_oBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI3MTgyMTg1ODUwNzU1OTSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=ffZirSmcZTI&uach_m=[UACH]&cid=CAQSPACNIrLMSAfqYXwcph3kaw1aFpraGlGUbpbdRZQvMgmWqssX5HKJ7kpaeHFGNTn7HWjnBSpKvKhffx2pDxgB&tpd=AGWhJmsge0lm9hPiQjRTiLEhuQZbq54STn3LG8OYSkuVRG9mvdg-t96RRWw7vudE8y8CY1LdjYM1zFLVe1rBvS8dqY3uSJVAWv4Vb3nBdzZauOT3gwdlvGrnvTwQjXCV3FJjz_7EUqwHw183Whw4Z-oYCmJYU2N1JthZ8Mcr5cwa7pUjal7semZWvjXsTeTf7UcUgPlSccKMUy1tn8icJkxKtMMdghHAUsPYjk7J7gQt49lj--OMEJWYgadumkQI2fcGzwinrtFhHh62oNHy0h-EyeONigazwjswR6KnbGCHo_OjhecFmkkdHfBu9lECNRqAiviY_8zzCsBvkxHpqcXvV5yD485erQpiXwda2hOcT4WCbkVAZMVx6AzOtVMu-3OLVZZDUE-wMIZhs1SP8ADe_q-uDDiB5unXP8q_mfgB7yNESGJD3jIa-QtyisV5KPMm9bTawHn8cph9UK6Yj7I2YelKBsBicu0694GV5E6bm7T5G13u6yq7f-3o2H7tanGZatUlzojzUwR77sK7jRYWkHfsWSwIc4QKnf3LHYg0bAwpkxw_ZBW6JTSe5F-qo2wXcGIV33dz8hov04dKpADUUTkEsu-FPPaMWG6QaunTJLBqrC6JCEPzy9M3naPknj8iZq5u9fN-I5Q7GDARCYCkpBK6xELaEQMbys7ye6BIQSKoBDTxyt0NBB0LJfvmlPvhd4ktfWB-rnIFgCYp-F4ydNXzWilSsGfgkJNkd1sy8gLxdgH9rwoze29H2Q3iSi6wdi3SsKuYkD0OhHFsjmtuY2V05d5puxOW-NRXXug8Okh5mP768enJNJo4sDfwqm11elV5win7eQHUgONQ0hxI6Hfm0OIlw9n6BXiJMxtUhHle4L7ymp1wO4IzwoLCO4zLEo2QmuITgNqvkQmPQ0jTldskfARf-djvmyYYDd0IWMymf030cC-5FpcNkyUGAbOqaXFTXGxYo-nGBpk
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A236 1 KB
1 KB 146ms
44ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516439;rtbwp=AAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0;rtbdata=bV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b7a0c2e5d8ff23e06e29c60ba8473dc2a2e5b772220e8a6cf984d3ff4ebc9196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 919
expires: -1

GET
H2 200 moatad.js Show response
z.moatads.com/openxdisplay970503469688/ Frame A236 321 KB
108 KB 73ms
25ms Script
application/x-javascript 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/openxdisplay970503469688/moatad.js
Requested by: Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1f0091606be52c0b9d5bb1a0ce5cf44e1da993b5d3737ce74abec2763b564612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:22:07 GMT
server: AmazonS3
x-amz-request-id: TWNZZ6D20J5W139A
etag: "6b9a4c9dd37800eb450dc01dcc9976f4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7367
accept-ranges: bytes
content-length: 110358
x-amz-id-2: nKGQH90YaTAX561hWdSzk1QkHhc49cYWQCctrZbEAwnZGlWWhyY0VmKm76IW1EUmCkSUXCrHQ9M=

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame A236 2 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:45:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A236 117 KB
36 KB 68ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame A236 15 KB
6 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:39:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A236 0
0 33ms
31ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSl9wcu3Wv3-9Wk8U_cxN2QJKiaRJNJh74oisnkfZWuYcurTkl6Nx6XtMkyxauwZlCYGwAe75YwPkqdFyfdsaMaJ-225Q
Requested by: Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A236 22 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 14:29:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D99E 0
0 63ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYwA_cl5AdEX5LwNJvAeiSPlfIKfakZBnebloSKSRw2AWwIM0VwWqg4dfRmP_gytGMBPh5qZfrntBX7ktH1asY_u8c-9inIKDMiGmtxykYFTxLGZvSVaHbgK4cYQD9yVnxqKU1kc4KDGs1Kv0thrXkzVNijlcAmkn-WPvTitAcVdLjWF12ZLRpZRHiCMuRfHdvECxYV2ldEqHB1eLk54pDN8Tpjg4Pit92O2LhC1qZ7M2LmZppT35MzI5kbCQU462E-phqgUH-uN6uOR3K7IGybavoMXfLvLSbzuj8Th_IdUWXCzhs4jHOWgzhIaQgEbmexzu3xOxCqww-c32brUIiyblUeXeEASI&sig=Cg0ArKJSzKONSwnydnpjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 5998.js Show response
cnt.trvdp.com/js/1273/ Frame D99E 3 KB
2 KB 158ms
19ms Script
application/javascript 2600:9000:223e:e200:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1273/5998.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e200:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60d7bcc95b56519372589201bc6dbea3b108c1f20b474b8bcbc2a4fda5a7f1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 09:16:38 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 08:31:25 GMT
server: AmazonS3
age: 624559
etag: W/"374d69336b678831057727e86193b2bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: nENtm7Sjf9qwPOKq5REI1XZJfbM4XzkbufrGRFHAE-Yh4CqJl8smKA==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D99E 117 KB
36 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:56 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A236 33 KB
16 KB 206ms
43ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516439;rtbwp=AAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0;rtbdata=bV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 22 Mar 2022 17:58:08 GMT

GET
DATA 200
OK truncated
/ Frame D99E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4d043db0acb5168a5cb53edf6cf2c86a7248a4754988b5e6077c8f116e59e83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D99E 0
0 80ms
79ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEsLJpBVzXr8AC4thkwwleWQ003wKsRnjfOBvxMOaX_TVoEpsRFqngmt1NeFHcdLHBGVmJswjUC9FbC3d7mFvvJrM3vx2V3roaUAYdHHwVj5oG26oQuc5ekusfwDNWzjGh6zbpYa5bm8KgZyLl1X7FfKCHm3wtnfzEBD10gEuTcBO6-iy3KG1vrLmZecojrlIgdKNw2Tj6Xtc4IhxoIYuUObR9atjsZatkOBUbtxTqVCj4zr5lTVc_ZVQJVlb18ua61XXk_BBmCfqp_FDDzEHPTDGwi7GQrDysu_0yuLnQ_qnep-Hx3nB3Q3Sj-p7ybIb78ws6TSIAQ-LBeW4aKzCyb4YcohseW3KyMA&sig=Cg0ArKJSzE7opt9BGtxLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 14:45:56 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A236 5 KB
3 KB 33ms
31ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=38516439;rtbwp=AAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0;rtbdata=bV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1;js=1;adfxid=1x;9252;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fportalsemakan.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

85ec47d49a348a700aeed78d11853ad71889dd49d919e7196549b9d3724a05d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2365
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A236 35 KB
13 KB 102ms
42ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83807
x-guploader-uploadid: ADPycduPpGbywM8crEVhV0S3UwNp88qS57Xy9B1TDxXsH0BxIJc7QH927tRc6_moDQdGoDOjSD7MAO4D1y1Ek7iWPIU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Mar 2022 15:28:50 GMT
server: cloudflare
etag: W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS3bC4nCQNCsPiGxNpsMCjQzfDXNHp1ax2x0e%2FNr2%2FH36Ei9BQyZSBPWcURVVbO3k%2Fd%2BeHY8HeSfgwRCfF3ZA%2FRn8kukTuEAeer02%2BMKkrSNjNusNDYxTjtjS7LT9oLtzpM%2BYpI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647358130172556
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11881
cf-ray: 6ef77968292d83be-MXP
expires: Sun, 20 Mar 2022 15:29:10 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A236 35 B
502 B 22ms
21ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516439&csi=vTwAVoqcvBgOQSdc4FHIfhC5oSes_gkdo57lNS_vWWzZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame A236 43 B
208 B 20ms
20ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=37&asset=218&sid=276&rid=10633&cid=82436

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
last-modified: Wed, 20 Jul 2016 08:04:05 GMT
server: nginx
etag: "578f3075-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 100ms
32ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/6011/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: db7064d1e7bff25932d4f5fe029239fe46e1057de89139a5a48220a76cc4d3d4

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portalsemakan.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 20 Apr 2022 14:45:57 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame A236 34 KB
15 KB 40ms
39ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 22 Mar 2022 18:09:06 GMT

GET
H3 204 1233564 Show response
servicer.mgid.com/vpaid/ 0
453 B 37ms
36ms XHR
text/html 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/vpaid/1233564
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
x-mg-204-reason: no bids
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsemakan.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef7796849fd5c74-FRA
content-type: text/html

GET
H2 200 n.js Show response
geo.moatads.com/ Frame A236 84 B
258 B 202ms
40ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-xRAHNMY1NqKUTA%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=OPENXDISPLAY1&hp=1&ra=1&pxm=6&sgs=3&vb=-1&cm=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873957190&de=800330913282&m=0&ar=359f21c1e97-clean&iw=485f194&q=2&cb=0&ym=0&cu=1647873957190&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=537113485%3Aundefined%3Aundefined%3Aundefined&bo=540308356&bp=540308357&bd=540308359&zMoatID=-&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&zMoatSZ=728x90&zMoatJS=-&zMoatDR=-&zMoatBUID=0&zMoatDEALID=-&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&zMoatOrigSlicer1=540308356&zMoatOrigSlicer2=540308357&zMoatDomain=portalsemakan.com&zMoatSubdomain=portalsemakan.com&gw=openxdisplay970503469688&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=197273&na=582605313&cs=0&ord=1647873957190&jv=735064397&callback=DOMlessLLDcallback_87829045
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/openxdisplay970503469688/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 3d2c43c2a939d4de06afbd2df497a4c4619907d0540fda06ae17d802f24900b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "2238018736f4b5588c53e7123dadb1d06b7abd63"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 794B 0
91 B 65ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Requested by: Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD8A 1 KB
749 B 23ms
10ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4785
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A236 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 776d36593df37e388073219929376017b98cfd39d6859e4b84e0181ee733137e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 1233564 Show response
servicer.mgid.com/vpaid/ 0
766 B 149ms
30ms XHR
text/html 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/vpaid/1233564
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
x-mg-204-reason: no bids
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsemakan.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef77969cd519113-FRA
content-type: text/html

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 147ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Mar 2022 14:45:57 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame ECFF 0
17 B 224ms
111ms Ping
image/gif 2607:f8b0:4002:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l10tlu35&c=5208032787825&slotId=2604016393912.5&qqid=CIaA_-241_YCFZUSGAodYMcNUQ&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=862&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vmfc=14&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c00::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1F22 2 KB
2 KB 62ms
39ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires: Mon, 21 Mar 2022 15:45:57 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1953529
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R12v2stu09NR%2Bc95YNsx6T9eorrqbEa3CyGhg6olq4C1i6MC06MaZ7LKsf9AYkQ2ewMqPVUstMdSnlpp8WFxDkvD%2BDblsT0ATo%2BpowmtKeI8ax4DpjwQm75gonWcKE0oHN42Lrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ef77969ee690f56-MXP
content-encoding: br

GET
H3 200 dds
rtb.openx.net/sync/ Frame DD8A 43 B
64 B 33ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE0v4b3ww1m8vW1Vkb1aAds&google_cver=1&google_push=AYg5qPKWs28RH6-9YRFmEhCZUXVIRfCbVxTS2SDHJmV2q9pYtkijac_kT5vNJlj0YQbNY0SoIgkXjJa9wbLJnRvT0vJfl1zcE73W
Requested by: Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: h6aqbuak2noe1qasudt18vklg3m0r2k1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD8A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFKo9ASegU-ccDeQNaqacVUBf7DVIuAKmSgFSgBBqENlWvBydvUFTbgSl9FkVYqr_N4HTCQYtP3qhUh33rN4V8I44OmgXC

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T7M2JGi9T7yKdd3Xn9DdsQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFKo9ASegU-ccDeQNaqacVUBf7DVIuAKmSgFSgBBqENlWvBydvUFTbgSl9FkVYqr_N4HTCQYtP3qhUh33rN4V8I44OmgXC
date: Mon, 21 Mar 2022 14:45:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame DD8A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8w...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD8A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPw3h0DK4b0uXT88lBvIME8&google_cver=1&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRnc...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRncaBB2DYrioROU

170 B
188 B

22ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRncaBB2DYrioROU

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:57 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLReuqE2bSGihMHJ_kWk0fzBSAZEa9nAsPzOwWa-oqj-LglH_MurBZjR1IQ1Hcd-7-MPq9H03VMr067zRncaBB2DYrioROU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: kNcQ5EMnITSgVC0rMNVqs_6nTLUo9Jg_nY79TFEkzYJzsfkl7FqRfQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD8A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-1d3345d5-6cc8-4dc2-ae48-e99b1a58c4fe-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ0LLTZ-LMlbNV-58ZzV...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&google_hm=Ax0zRdVsyE3CrkjpmxpYxP4

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&google_hm=Ax0zRdVsyE3CrkjpmxpYxP4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ0LLTZ-LMlbNV-58ZzVk7IGpr5f1RSkeDcXV25jlDbV5msDN-rRF4qAFHPQ9CgdCXlMhNxrImzqfSxsiPmS2f-Gdq4AsA&google_hm=Ax0zRdVsyE3CrkjpmxpYxP4
date: Mon, 21 Mar 2022 14:45:57 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1d3345d56cc84dc2ae48e99b1a58c4fe003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD8A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH6GdA67ywnMUu2YsPzSB1U&google_cver=1&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5OTA3MzkwODI2MjA5NzQxMzk0Mw%3D%3D&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5OTA3MzkwODI2MjA5NzQxMzk0Mw%3D%3D&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5OTA3MzkwODI2MjA5NzQxMzk0Mw%3D%3D&google_push=AYg5qPI7xx9l_nwuj8DLBQNtKZ2jgXuIyoupi19Bshxu8JVTFCDDIeFY66JtNHSYYN-kLi5ai4UWZAKPueP2RVMhgZj_Qw2ybn4
date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame DD8A 0
75 B 416ms
24ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEH8Ap-WfGnFRw0lAPUMwalQ&google_cver=1&google_push=AYg5qPKd_lbCvb7N0CSbix53htzGtPPGqvY6H7QfFHy12f8TVfd7V91nMokcUKSoqfJM6C1thikMrLp10QjW5VgTVuFBnrna5O8
Requested by: Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DD8A 0
12 B 21ms
18ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8ONzmTg_qukQsL9uFWiAloAJrIvwRkmN04v7i11ACSJNkKvu2kMGaWSsFWhHyNaUMB05e

Requested by

Host: edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
URL: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 /
c.mgid.com/vs/ 43 B
361 B 117ms
116ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=0&iid=1233564&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%229d887b85-a925-11ec-b203-e43d1a2a04aa%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=11505
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ef7796a0c8b5c74-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A6EB 13 KB
5 KB 25ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portalsemakan.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1893
date: Mon, 21 Mar 2022 14:45:57 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 62ms
25ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Mar 2022 14:45:57 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame A236 909 B
1 KB 84ms
83ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6b80072f512a36f8c52fe84bb0341e40a92894a135dabe99b0aeadd2f246a6

Request headers

Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ef7796b2de85a0d-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D15UBEpTrOpawlKUrlVvmFWRDTAMAF9%2FPxbrXyO2tTOkNf2WQ7gb0C2c1iHePky46aj9gN%2F9L1xHg2G87tcBdxqdzKeGKeLa6hOHhHeL1BnLYYYDTY3bdLmaroNUmYrU1gKH%2F94%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-qqfv

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 106ms
86ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-qqfv
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJJZ2Gb%2BqaQW9jn6DCJ3FVoOduk7n3UpRybEIUfABklE2Bd7DuGXGvUxRYEoTpSGDQeEQPwwPb1xxIZZrJIGryc8%2B%2FsUACMnMARK%2FJSozfxqgbhcD%2FKHxGyRmzGXHXjgL1XuCec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ef7796a9bc95a0d-MXP

GET
H2

200

sid Show response
mug.criteo.com/ Frame A6EB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=portalsemakan.com&sn=ChromeSyncframe&so=3&topUrl=portalsemakan.com&bundle=A0Wv8V9GRTZPS3dSazM2MVp1Um5YSk1qTzlOayUyQlhIM3VIUk1LVFZDVmNlTG9Y...
https://mug.criteo.com/sid?cpp=61MDRnxyS3k2MUZ4RGJUY3F0N0lWUTZqVmZoSnE1NWhPMTkxQnNObFR3S21EMkRDRm1EbnRtaTUrYUk4UStwZ1lrbWs4SVRiekJvQ0hkNlNKczdBdzRVeUZyb0JBWkNpRElFUVJsNDlLTk00NzBUcmVHR0RGSjBXZnIycE...

433 B
628 B

32ms
30ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=61MDRnxyS3k2MUZ4RGJUY3F0N0lWUTZqVmZoSnE1NWhPMTkxQnNObFR3S21EMkRDRm1EbnRtaTUrYUk4UStwZ1lrbWs4SVRiekJvQ0hkNlNKczdBdzRVeUZyb0JBWkNpRElFUVJsNDlLTk00NzBUcmVHR0RGSjBXZnIycEUzS05INXFPb1NpL25OQ0V3N21TSTZSVUZTbWl1REdlTEVGakRWVCtRbTNLVnVLWnh2eHVQV2RybTJZbXdrRzhjUFY0a3dHMFJqSnJFRXpDb0RvcmVaR2hlRnVOWjRsK0VTYkpWYTByd1JZTUJ1MWZlbHhCWktqaU12akZkYjRZSVhDRVBuZkt3TWhhckxLRTBDQ3o1N1ZFcFc0bzJoV01FdFVJU2pMWnRRZGVmbEk0UDY5OD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

49cac2480801cf1cdbaa80f25b9458e9d13d0b2c59e45b1e0beed77045f8f582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4146
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=61MDRnxyS3k2MUZ4RGJUY3F0N0lWUTZqVmZoSnE1NWhPMTkxQnNObFR3S21EMkRDRm1EbnRtaTUrYUk4UStwZ1lrbWs4SVRiekJvQ0hkNlNKczdBdzRVeUZyb0JBWkNpRElFUVJsNDlLTk00NzBUcmVHR0RGSjBXZnIycEUzS05INXFPb1NpL25OQ0V3N21TSTZSVUZTbWl1REdlTEVGakRWVCtRbTNLVnVLWnh2eHVQV2RybTJZbXdrRzhjUFY0a3dHMFJqSnJFRXpDb0RvcmVaR2hlRnVOWjRsK0VTYkpWYTByd1JZTUJ1MWZlbHhCWktqaU12akZkYjRZSVhDRVBuZkt3TWhhckxLRTBDQ3o1N1ZFcFc0bzJoV01FdFVJU2pMWnRRZGVmbEk0UDY5OD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1921
content-length: 567
expires: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 04B6 2 KB
2 KB 79ms
69ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=_X7u6Ar1KoLkE75fgOloF8svBjspKlDy&g=af9c95e75457fcf0322fbd742dbe4b91%2F141586606796437281&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647873957675&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DAAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0%3Bcrtbdata%3DbV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmsid5sRYChk-2-Jv0hIof1uCvlaobs-GCtf8FMH71X9epw69j-Jt7R_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJ3j0t6WLbEVo1%3B%3BCREFURL%3Dhttps%253a%252f%252fportalsemakan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9671e19e1185a1fe92677c4e2c749fa99870f0c2db0908ffdd5c8e6d827b21f4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ef7796bcd9d83be-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 04B6 81 KB
11 KB 77ms
76ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=_X7u6Ar1KoLkE75fgOloF8svBjspKlDy&g=af9c95e75457fcf0322fbd742dbe4b91%2F141586606796437281&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647873957675&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DAAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0%3Bcrtbdata%3DbV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmsid5sRYChk-2-Jv0hIof1uCvlaobs-GCtf8FMH71X9epw69j-Jt7R_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJ3j0t6WLbEVo1%3B%3BCREFURL%3Dhttps%253a%252f%252fportalsemakan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=_X7u6Ar1KoLkE75fgOloF8svBjspKlDy&g=af9c95e75457fcf0322fbd742dbe4b91%2F141586606796437281&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647873957675&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DAAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0%3Bcrtbdata%3DbV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmsid5sRYChk-2-Jv0hIof1uCvlaobs-GCtf8FMH71X9epw69j-Jt7R_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJ3j0t6WLbEVo1%3B%3BCREFURL%3Dhttps%253a%252f%252fportalsemakan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1030848
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 09 Mar 2022 16:25:09 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ef7796c4a1a0f56-MXP
cf-bgj: minify

GET
H2 200 CA870B219D1B8E3D09FE2243C982EA152C058524254E223AE8FC9C0671865FBAFF6E361489C1F42F3A139F96B5AC5978EAEC1CE67AABA5FBC3C208394B0EAC44
assets.ad4m.at/product_image/ Frame 04B6 13 KB
13 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CA870B219D1B8E3D09FE2243C982EA152C058524254E223AE8FC9C0671865FBAFF6E361489C1F42F3A139F96B5AC5978EAEC1CE67AABA5FBC3C208394B0EAC44
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=_X7u6Ar1KoLkE75fgOloF8svBjspKlDy&g=af9c95e75457fcf0322fbd742dbe4b91%2F141586606796437281&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647873957675&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DAAABf6zxGpDF58aL65OmOcJJutz8Piraw73OTg-68KPKJEAjv3vKYRh3VQAhbTDfDs4ZhBX0%3Bcrtbdata%3DbV8UnkXMr3NwF19oiPjA0IE34wzqNmUPLs3K0ynqcUROQwRzAVwTQnGwGz1AYA6RFxrryX2AJkjxTtmEyBG-3e2-Jv0hIof1d1uCC-QSe6tU4IMEQkecPPLloMfolHAUJdGosdmHT91hzpYDQ_9Zu7IQQJ5ceO3WfL2KYIlQL-KEh00F3-UOhb3935ZVYil84Fg9-PiOKrpp013XriM7_NsvkBX1ml8SpoqfbL5ACwEIw8AVEQgOioYQXkFycv1TSAWVgExTW7Y1%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmsid5sRYChk-2-Jv0hIof1uCvlaobs-GCtf8FMH71X9epw69j-Jt7R_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJ3j0t6WLbEVo1%3B%3BCREFURL%3Dhttps%253a%252f%252fportalsemakan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00db72d96199bbc6b33990b391bf17fe2c9a85f5cc23fe98a21a275796f2ce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=aZkhvg==, md5=wba/hl9HNCwhH2+HMW9NQA==
date: Mon, 21 Mar 2022 14:45:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281463
cf-polished: qual=85, origFmt=jpeg, origSize=20072
x-guploader-uploadid: ADPycdugP5j8ZLaXUBzdcH6qmILiJ6gmpVuqchYCfhmXTZtBUVYxaeXcXrRjthO3hS5wjWhBXA5pfNF87JiQFbSOBIo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13002
last-modified: Fri, 18 Mar 2022 08:33:45 GMT
server: cloudflare
etag: "c1b6bf865f47342c211f6f87316f4d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H%2BrQ2SVDVL5y2RdXcDnr6W0crYkMfcsFSgjCgB%2BeFhx9Bb409E4y87MJAVuir3HO%2F3tnlPG2zf%2BenGV16oJMVUZtRWKkN8CcuiKWN%2BuHIGnncQI%2FoMUw6lrjEYrNEQkBu1q9zatSL7YTPSs"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647592425468656
content-type: image/webp
expires: Tue, 22 Mar 2022 14:45:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 20072
accept-ranges: bytes
cf-ray: 6ef7796c4f1483be-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 5998.js Show response
go.trvdp.com/init/ 23 KB
23 KB 92ms
22ms Script
binary/octet-stream 2600:9000:2315:d000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5998.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:d000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2071f7d1245831b348c4c552e7e61eee09e94d7f90ad2eeb54ef2c1b463783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:47:24 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 13:22:49 GMT
server: AmazonS3
age: 611914
etag: "f637d1251c4c2f346315a5b6e7470988"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 23348
x-amz-cf-id: g6Ij09rT3Ydk9yl3LorRZTsGMVuYysrGhZQEwTiaOoYRN6qHQ4d3fQ==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D99E 42 B
64 B 43ms
41ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8bl-FsJLuttd_2s0iWkam9Eu5cZ8XSfaXxnQeKmN2HZusuPphvx26u6ygsqM-9H72rF4T-QWnSkDInb1_4rmtHtTpfrgowMsFhDrAMFSepUHGH3pC&sig=Cg0ArKJSzGaAeaMNstlTEAE&id=lidar2&mcvt=1000&p=1166,1599,1167,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1.08&vu=1&app=0&itpl=19&adk=1383592160&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873956681&rpt=182&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 167ms
107ms XHR
application/json 108.157.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=5998&cb=2022.41631156169&pid=4168&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-35.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a632c807d5e557bf02018f90435ef910402699acd418dd853913f9979161f4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://portalsemakan.com
access-control-allow-credentials: true
x-amz-cf-id: 6CjMNkS1JDCzVKhwb47WFBBLcosCLk38L8JmhAboHetBiW5rbnZ9fQ==
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.729/ 654 KB
180 KB 88ms
17ms Script
application/javascript 2600:9000:2251:3a00:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.729/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3a00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5168404c37cfa1f6fe21ca1d6a93b63705c5657adc834d572b34ac14763098fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:22:43 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 12:58:36 GMT
server: AmazonS3
age: 609796
etag: W/"0650780a0965d58abe823055281d157e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 1k5TTn-4eavbkLXldFdfaX-UqL2TCXpo1QJpmN5piQcvi8uX7c-Img==

GET
H2 200 pixel.gif
openxdisplay970503469688.s.moatpixel.com/ Frame A236 43 B
260 B 159ms
54ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openxdisplay970503469688.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=58&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=portalsemakan.com&L1id=537113485&L2id=0&L3id=0&L4id=0&S1id=540308356&S2id=540308357&ord=1647873957190&r=800330913282&t=meas&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&moatClientSlicer3=540308359&zMoatSZ=728x90&zMoatTAGID=2963130588&zMoatBUID=0&zMoatDEALID=&click=0&bedc=1&everOutOfFocus=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:58 GMT

GET
H2 200 pixel.gif
openxdisplay970503469688.s.moatpixel.com/ Frame A236 43 B
260 B 183ms
78ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openxdisplay970503469688.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=58&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=portalsemakan.com&L1id=537113485&L2id=0&L3id=0&L4id=0&S1id=540308356&S2id=540308357&ord=1647873957190&r=800330913282&t=nht&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&moatClientSlicer3=540308359&zMoatSZ=728x90&zMoatTAGID=2963130588&zMoatBUID=0&zMoatDEALID=&click=0&bedc=1&everOutOfFocus=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:58 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 48 B
722 B 601ms
149ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=portalsemakan.com&l1=5998&l2=portalsemakan.com&l3=DE&l4=desktop&l5=5.729&cb=0.03824016923954687
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.729/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 48

GET
H2 200 pixel.gif
openxdisplay970503469688.s.moatpixel.com/ Frame A236 43 B
260 B 90ms
89ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openxdisplay970503469688.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=71&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=portalsemakan.com&L1id=537113485&L2id=0&L3id=0&L4id=0&S1id=540308356&S2id=540308357&ord=1647873957190&r=800330913282&t=hdn&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&moatClientSlicer3=540308359&zMoatSZ=728x90&zMoatTAGID=2963130588&zMoatBUID=0&zMoatDEALID=&click=0&bedc=1&everOutOfFocus=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:58 GMT

GET
H2 200 pixel.gif
openxdisplay970503469688.s.moatpixel.com/ Frame A236 43 B
260 B 125ms
125ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openxdisplay970503469688.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=71&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=portalsemakan.com&L1id=537113485&L2id=0&L3id=0&L4id=0&S1id=540308356&S2id=540308357&ord=1647873957190&r=800330913282&t=fv&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&moatClientSlicer3=540308359&zMoatSZ=728x90&zMoatTAGID=2963130588&zMoatBUID=0&zMoatDEALID=&click=0&bedc=1&everOutOfFocus=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A236 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1HfdmhVf-wXG7fT7AxrnbBqawPYDKY6TFrKwXOgUrdVsLRDOCbhkyVV9YZJED3fvNUd6r0IO_K5UhMSIhYEl9tQ&sig=Cg0ArKJSzPPhtECLwzFvEAE&cid=CAASF-RoV_OSPlmli-tzFiiH_gVDxVszGjY7&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2963130588&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873956576&rpt=922&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 368 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 371 KB
123 KB 99ms
52ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.729/ins.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126232
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:59 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 417ms
98ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=r7gyL1undYqqjZzC0SQNf7JAuu6+/gTDnhmEqrclPPN/L+a16t8tjKj7V2cf50dnHFCg36ybMT977Bo1En9dpzOFUc+/4X41Ce+HwNyLC4dGr4Eqy9PVs9AwDiCf4E+PXBPiqCgJT2uSIPF0r3YioKdB29GPY91gCUbbC+uZk77bCssTHAQMFf9VT/pvZlQ+EzFnplP5rlwEL+wJHFK7S/HH8VRa5eDjIOpzuItimgt0Yv6z1IQfYmI03icpXSrb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx/1.6.2

GET
H2 200 3536f86330e6f7df73f7041da13cb87c92fc78c5_2.jpg
vid.trvdp.com/images/ 41 KB
42 KB 226ms
43ms Image
image/jpeg 2600:9000:223d:fe00:7:254f:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.trvdp.com/images/3536f86330e6f7df73f7041da13cb87c92fc78c5_2.jpg?Expires=1647959627&Signature=H-sPY1b19wjQUUyNcD~rCijUP0DpLB~YJP08CRsfQhrM-oqMLJFGol3fSGRuQRP2zGG9tXs0xajJX~UQdnE5zwN09DK8JbgWLWUS9bNagyjCYrJNpggF99cn0v2I3hO2bJWbXlJ~350qnB6Z-siZS6k66D8Tj1esp-4EQ4OTYUfyIER87zVQZzVefy1Kzs8nvMJhLGO-zYwPR1Qt8svSC3eWlkvcQsM9Bwoa7DAIehKa7LUNxJoLSpISdzq~H-STE48L35Ykvye4LwJKfojBhwuRldDsoz3SqIwp5yjTIgCF4GOl6Izuxdngzyyr4uATvaT-kfOc3cB8eOYXBNyeUg__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:fe00:7:254f:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd2e8c202319462af768d00c18138dadc2334c824a0b494b6acc3735a7955fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 06:21:37 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 11:47:29 GMT
server: AmazonS3
age: 6596663
etag: "ccb1bf1c56a3844d5290ab548e2d1cdb"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 42426
x-amz-cf-id: O5fK3lQ8VULwKGorb-bAq5s70Cl_a-_jgMm-4bfzUqXUV1gwP1Wwmg==

POST
H2 200 /
track.adform.net/serving/unload/ Frame A236 35 B
502 B 50ms
50ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@38516439,8855687390784404042,100|1100|0|0|0|0|0|0|0||38|1|346|89df6acd-5446-4116-bafb-e3b0e423787a_1|||1|0|0|iPSS-Cb73Kfi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5085
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

45ms
10ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.729/ins.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Mar 2022 14:45:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
date: Mon, 21 Mar 2022 14:45:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2

200

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=0&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68&verify=true

0
0

12ms
12ms

Image
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68&verify=true
Protocol: H2
Server: 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIxIE4Bs-PLy2oICwEjAEN4&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP9f551572-a925-11ec-b3dd-02c0672a7e68&verify=true
date: Mon, 21 Mar 2022 14:45:59 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2048 590 KB
192 KB 79ms
79ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:13:15 GMT
expires: Thu, 16 Mar 2023 20:13:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 412364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Mar 2022 14:45:59 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.729/ 35 KB
3 KB 194ms
124ms XHR
text/xml 108.157.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.729/v.php?st=wKftVQYJgS5q0uxHBGbdpg&e=1647960358&ver=5.729&adid=a6c1f&videoUrl=//vid.trvdp.com/video/3536f86330e6f7df73f7041da13cb87c92fc78c5_240.mp4?Expires=1647959627&Signature=WE1ySOuoGMgA2bUfdudq8if7rq0lISuhHlsQ2MUHo9JhL-c1t~BpFRP1sLhd2lxKcdpMHZr229N8nkR~f7u5m9bnb7QO4GojVdso~P9omz4NdBjsbdIlzngtDRErfxZuv6nOQ~jXrb1Ri~Cy4ndZEtv03x32vb2s4JybMD0k9nQyYcKYKbzgC6hW4ms7FXVD6PdgJ8hWQrRbEaypaeF5afTx2XGLQFoEaIXzLageowgZCVoV6izV8QrHMRmes9vLtIJnuwalqc8u73oOKX5qjIsZVGiAVEB70aITWDYyUUPiAi5llArtJI5bEXSmTBUFUjWsVOfZmv27NXfVhGBOwQ__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ&height=0&width=640&pageHref=https%253A%252F%252Fportalsemakan.com%252Fpermohonan-pelan-data-pelajar%252F&videoId=3536f86330e6f7df73f7041da13cb87c92fc78c5&d=portalsemakan.com&wid=5998&suid=1273&env_browser=Chrome%2099.0.4844
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.729/ins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-35.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0d99e6eb375f128658fa11f9c5ab2249912eee97f0e79e7e34e4afce81ec736c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
access-control-allow-credentials: true
x-amz-cf-id: PRWPTX59ld5OQ9d3N2w4t67SSVIlw6nUambKoWlCdNvaf0vPk0TAbw==
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 170ms
98ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=OZnhpD0ouJI6kP/vMZ/SaLJAuu6+/gTDnhmEqrclPPN/L+a16t8tjKj7V2cf50dnHFCg36ybMT977Bo1En9dpzOFUc+/4X41Ce+HwNyLC4d7pYxGLt77e1H4Ve2A3C4BKGc5yVDOtn6sVC1dHTt+aCss7nyp7e84iacmipg74uUP0U4xrg+ASk3vlZa/HY/hwM2ZCua1Zl8BebX7mVYKVQ91jmmqSJXRYX6kc/vl2PVFINN9ranWiWrRwmxSgASllnphACvHCgLS/luw/OALhQ==&cb=56661027
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx/1.6.2

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2098 37 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 15:34:53 GMT

GET
H2 200 3536f86330e6f7df73f7041da13cb87c92fc78c5_2.jpg
vid.trvdp.com/images/ 41 KB
42 KB 35ms
34ms Image
image/jpeg 2600:9000:223d:fe00:7:254f:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.trvdp.com/images/3536f86330e6f7df73f7041da13cb87c92fc78c5_2.jpg?Expires=1647959627&Signature=H-sPY1b19wjQUUyNcD~rCijUP0DpLB~YJP08CRsfQhrM-oqMLJFGol3fSGRuQRP2zGG9tXs0xajJX~UQdnE5zwN09DK8JbgWLWUS9bNagyjCYrJNpggF99cn0v2I3hO2bJWbXlJ~350qnB6Z-siZS6k66D8Tj1esp-4EQ4OTYUfyIER87zVQZzVefy1Kzs8nvMJhLGO-zYwPR1Qt8svSC3eWlkvcQsM9Bwoa7DAIehKa7LUNxJoLSpISdzq~H-STE48L35Ykvye4LwJKfojBhwuRldDsoz3SqIwp5yjTIgCF4GOl6Izuxdngzyyr4uATvaT-kfOc3cB8eOYXBNyeUg__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:fe00:7:254f:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd2e8c202319462af768d00c18138dadc2334c824a0b494b6acc3735a7955fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 06:21:37 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 11:47:29 GMT
server: AmazonS3
age: 6596663
etag: "ccb1bf1c56a3844d5290ab548e2d1cdb"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 42426
x-amz-cf-id: s1WtFfCUGI9lv3He7aKuW4qKsZopHUKe34ozkaz3CmMJxSke6RtenA==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5085 32 KB
10 KB 15ms
15ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6046941efa0656622a5f07faee34cc197eafa53b446e6114bdc7b3e9a1af7023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46947
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Tue, 22 Mar 2022 03:48:26 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 5085 0
239 B 450ms
111ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=L10TLTKX-4-KD62
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78008fe701b681dce86a72fc23cacc40
Content-Type: image/gif

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 98ms
98ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=XEEBybJ9uiKc/i8FoE1RZ2KZZgop+ggYzW0wo3jOXeWuoukz6OL4wWpHrJtZqLHryvZ8kJvfzh87ClLYLA7Aj+nbc+VnZdvGDtkB76Bc6gniXroAb6SDjHJpequre4oPQW2PsNh240HPfYILn4Tkrab5A2LzZOb76m80UAGh5ezr3DjylRBPXnpheAtqavTfO3Mqngv4EBKp03L1JHb8yREejDOTITm39urvcrm2hBMjLeOomN3f5a9c2zUCpe2yUq92jd1uYKZFYzaTEtr+Dxdx2TrLQ3zb9R0KM0GHl8UuJj1gzMJntWEpdUiZ/i6Ymnrlw65HrOttjDJbyE7S+5obJwgM6lTgkc9KD3lWenk=&cb=59862997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 97ms
97ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=csbVqQ7vFNkI+k7T8dJsxmKZZgop+ggYzW0wo3jOXeWuoukz6OL4wWpHrJtZqLHryvZ8kJvfzh87ClLYLA7Aj+nbc+VnZdvGDtkB76Bc6gniXroAb6SDjHJpequre4oPQW2PsNh240HPfYILn4Tkrab5A2LzZOb76m80UAGh5ezr3DjylRBPXnpheAtqavTfO3Mqngv4EBKp03L1JHb8yREejDOTITm39urvcrm2hBMjLeOomN3f5a9c2zUCpe2yI1//UkNiKWdY0gYXWZ+PcNsKyxMcBAwV/1VP+m9mVD4uJj1gzMJntWEpdUiZ/i6Ymnrlw65HrOttjDJbyE7S+5obJwgM6lTgkc9KD3lWenk=&cb=84774062
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx/1.6.2

GET
H2 200 pixel.gif
openxdisplay970503469688.s.moatpixel.com/ Frame A236 43 B
260 B 22ms
22ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openxdisplay970503469688.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1058&tet=1134&fi=1&apd=1263&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=portalsemakan.com&L1id=537113485&L2id=0&L3id=0&L4id=0&S1id=540308356&S2id=540308357&ord=1647873957190&r=800330913282&t=iv&zMoatOX3TRANS=bfeb4878-bc1e-400f-a0a7-438274a0b968&zMoatOX3TRANSTIME=1647873956&zMoatADID=540944534&moatClientSlicer3=540308359&zMoatSZ=728x90&zMoatTAGID=2963130588&zMoatBUID=0&zMoatDEALID=&click=0&bedc=1&everOutOfFocus=0&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:59 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2048 82 KB
17 KB 320ms
319ms XHR
text/xml 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2Fportalsemakan.com_desktop_adonly&description_url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&tfcd=0&npa=1&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4183715038778023&vad_type=linear&vpa=auto&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=44d&adk=1599581099&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=6EA595BF-44D7-433A-9FC2-A148F5DE9EF7&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAYyr3E5_ovRQAAAAA.&nel=0&eid=44737473%2C44752995%2C44758374&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&dlt=1647873953401&idt=6007&dt=1647873959466&cookie=ID%3Dec35bbe01f3749a8%3AT%3D1647873955%3AS%3DALNI_MbF1GXQnXNbkVUEstWbP76Zv5GEaw&scor=372624060115129&ged=ve4_td6_tt0_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

88565de02ec08387d021fe62a5dfc39584b560c34e89dff87b62b41a38ee6926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16940
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5085
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExUS1gtNC1LRDYy
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5085
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTRjOTY2Zjc4OGQ3ODA5OTE3Njg3MGRlY2FlNjMzYWU0MjVkYWM4Mw

170 B
188 B

21ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTRjOTY2Zjc4OGQ3ODA5OTE3Njg3MGRlY2FlNjMzYWU0MjVkYWM4Mw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTRjOTY2Zjc4OGQ3ODA5OTE3Njg3MGRlY2FlNjMzYWU0MjVkYWM4Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOPsbReMYoN-qvzYz1OcAQ4&google_cver=1

0
239 B

19ms
18ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOPsbReMYoN-qvzYz1OcAQ4&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOPsbReMYoN-qvzYz1OcAQ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5085 70 B
264 B 43ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5085
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mK9ZnLmCSzeEq2tTlN-IJA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mK9ZnLmCSzeEq2tTlN-IJA

43 B
556 B

111ms
107ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mK9ZnLmCSzeEq2tTlN-IJA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:46:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E5FX2VSE8R507XE3CC6P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mK9ZnLmCSzeEq2tTlN-IJA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5085
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLTKX-4-KD62

0
707 B

211ms
144ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLTKX-4-KD62
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CEDE3F614FB147E0A3B099ADE69EBF90 Ref B: VIEEDGE2017 Ref C: 2022-03-21T14:45:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXau44A0V8gtBPoEZ18/A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLTKX-4-KD62
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 5085 0
0 20ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5085
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dHFFd2fQSpSeK8dQEpaHPA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dHFFd2fQSpSeK8dQEpaHPA

43 B
556 B

39ms
38ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dHFFd2fQSpSeK8dQEpaHPA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:59 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BYVZ02JKFP1RBN70QKB2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dHFFd2fQSpSeK8dQEpaHPA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 204 csi
csi.gstatic.com/ Frame 2048 0
17 B 105ms
105ms Ping
image/gif 2607:f8b0:4002:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l10tlwpp&c=1952985218076&slotId=976492609038&qqid=CNCZ9--41_YCFZMH4Aod9RgDFw&gqid=p484Yp6YHdnJgQe9gJfoBg&fb=ima_html5-lima&sdkv=h.3.505.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44737473%2C44752995%2C44758374&met.4=ghmsh_s.l10tlx1g~ghmsh_s.l10tlx1h&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=Hal9Jg7omG8CB46M
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c00::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 2048 453 B
478 B 9ms
7ms Image
image/png 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6817495765751189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:00:20 GMT
x-content-type-options: nosniff
age: 2739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:50:20 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2048 42 B
64 B 22ms
20ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Clv3Xp484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBMACT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS3Ycxul_-S4YFifF6wsUzrBkz3YqLDkWkB-rOyU_LLQ5YKlUDzk7sriB1LK76mnFrPadJMgfMIvh0VAc1fABNP73JX5A-AEAYgFxITEzjuSBQgIAxABGAFQAaAGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YBwEAEYHbEJxEUiFoctCniACgOYCwHICwHQCw64DAGwE7-2zw7YEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=uBIut01KPQk&label=show_ad&acvw=&sdkv=h.3.505.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 2048 0
0 49ms
48ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CCRshp484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBL0CT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS2AcoFQbHb_8sMnxcW8gVhdZxtDXKU7tU-ia0ug1Lv5_SNkpzM4I2T0KUpYbUWBjWVuYb845U7l7tXABNP73JX5A-AEAZIFCAgbEAEYAVABkgUNCCIQAxgBSLGgpgFQAaAGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ_zMagIAdIICQiA4YBwEAEYHYAKA8gLAbATv7bPDsITBhisso-gAcgTl-Xt3gPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi02MzIyNTQxMTkyODg2NTYwGNL9dg&sigh=d_yZNByoR_E&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vt=10&sdkv=h.3.505.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2048 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
98ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=xQ8WTFnAzIkR+AK0KCQr0LJAuu6+/gTDnhmEqrclPPNVxjL1QiGvnx2H4H+XcWmePAxed4KvEaYztP8G6a+Lja/a6syDseZgsXqsSrjgzqsmSqzgytUZgEN2iDqQw2P9tdgtA4OZEKW7DiJXs6Cg1+6NN2jqwFQTizSXyS4Z6T4Nj2IlU4TzB8CjIhSyIav7YOT0bwBXv/83jZ6BFFxNeymihb1g02RCVRBf1i3CnUsl7FPrJ4THST6eEQOTFRTJMZeZhO82eiyveqtoAXKPRsDNmQrmtWZfAXm1+5lWClWCPu/fcxjh3Wi0FAZV38SBeyQVqysNDcy8zfdMb2lGQVT9p+iKQao+Q/sVXKVP01g=&cb=49339919
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:59 GMT
server: nginx/1.6.2

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 108ms
108ms Ping
image/gif 2607:f8b0:4002:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l10tlwki&c=1952985218076&slotId=976492609038&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c00::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2048 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.505.0&e=44737473%2C44752995%2C44758374&id=ima_html5&c=2621104117004511&domain=portalsemakan.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr2---sn-4g5edndz.googlevideo.com/
Redirect Chain

https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&mh=QK&mm=31&mn=sn-4g5ed...
https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

543 KB
544 KB

31ms
9ms

Media
video/mp4

2a00:1450:4001:1a::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgEG6TH5VBBZFsUbFqrn2ppFPNwwz85QiYhViGTOq4vpICIARFLRElsJqnpMuQbYSrWav7baiE6-m1smrLRpJGDGGp&cpn=Hal9Jg7omG8CB46M&redirect_counter=1&rm=sn-4g5er67l&fexp=24162928&req_id=88e09b0cacb36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2001:ac8:20:3b00:1011:42cb:9e3d:4dee&mm=31&mn=sn-4g5edndz&ms=au&mt=1647873893&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgJZVRDjpvmCCf6E2o1X0MB5i3g4Kp7VEXQuYvnsoQoAwCIHY4Dl_RF1vkftYkx4P5_a6DNtb67L0QEHYPOpS9vZQh

Protocol

HTTP/1.1

Server

2a00:1450:4001:1a::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

12a4e29c96a1fdfda599991ceae53622141a8bb977b65998435cb017faaa6266

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Mar 2022 05:08:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-556124/556125
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 556125
Expires: Mon, 21 Mar 2022 14:45:59 GMT

Redirect headers

Date: Mon, 21 Mar 2022 14:45:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr2---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647902759&ei=p484YqyxLIiYgAfDtLjABg&ip=217.64.151.4&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgEG6TH5VBBZFsUbFqrn2ppFPNwwz85QiYhViGTOq4vpICIARFLRElsJqnpMuQbYSrWav7baiE6-m1smrLRpJGDGGp&cpn=Hal9Jg7omG8CB46M&redirect_counter=1&rm=sn-4g5er67l&fexp=24162928&req_id=88e09b0cacb36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2001:ac8:20:3b00:1011:42cb:9e3d:4dee&mm=31&mn=sn-4g5edndz&ms=au&mt=1647873893&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgJZVRDjpvmCCf6E2o1X0MB5i3g4Kp7VEXQuYvnsoQoAwCIHY4Dl_RF1vkftYkx4P5_a6DNtb67L0QEHYPOpS9vZQh
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 21 Mar 2022 14:45:59 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2048 42 B
64 B 35ms
35ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Clv3Xp484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBMACT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS3Ycxul_-S4YFifF6wsUzrBkz3YqLDkWkB-rOyU_LLQ5YKlUDzk7sriB1LK76mnFrPadJMgfMIvh0VAc1fABNP73JX5A-AEAYgFxITEzjuSBQgIAxABGAFQAaAGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YBwEAEYHbEJxEUiFoctCniACgOYCwHICwHQCw64DAGwE7-2zw7YEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=uBIut01KPQk&label=video_ad_loaded&acvw=&sdkv=h.3.505.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 2048 41 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 09:21:45 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 2048 0
0 61ms
55ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CCRshp484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBL0CT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS2AcoFQbHb_8sMnxcW8gVhdZxtDXKU7tU-ia0ug1Lv5_SNkpzM4I2T0KUpYbUWBjWVuYb845U7l7tXABNP73JX5A-AEAZIFCAgbEAEYAVABkgUNCCIQAxgBSLGgpgFQAaAGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ_zMagIAdIICQiA4YBwEAEYHYAKA8gLAbATv7bPDsITBhisso-gAcgTl-Xt3gPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi02MzIyNTQxMTkyODg2NTYwGNL9dg&sigh=d_yZNByoR_E&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.505.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 B26209695.312711653;dc_trk_aid=505546239;dc_trk_cid=157182492;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIxITEzjuoAqbz6uACsAK_kokMQDsQl-e6AWDEzn4SOfSm4wejIynb90M=;ord=24923...
ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/ Frame 2048 42 B
533 B 101ms
39ms Image
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/B26209695.312711653;dc_trk_aid=505546239;dc_trk_cid=157182492;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIxITEzjuoAqbz6uACsAK_kokMQDsQl-e6AWDEzn4SOfSm4wejIynb90M=;ord=2492378423;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=14452966921672990510;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMI0Jn377jX9gIVkwfgCh31GAMXEAEYASAAEgLrHPD_BwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2048 42 B
64 B 40ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHGKip484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBL0CT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS2AcoFQbHb_8sMnxcW8gVhdZxtDXKU7tU-ia0ug1Lv5_SNkpzM4I2T0KUpYbUWBjWVuYb845U7l7tXABNP73JX5A-AEAYgFxITEzjugBlSAB7zN8N8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwGwE7-2zw7YEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=BetdtRSBV4Q&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D814%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1647873959833&sdkv=h.3.505.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IpQFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2048 42 B
64 B 57ms
48ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuknrgOH9R-2CTv9iP3Y6jQBKpsyUV6T4cZelwyVw10BCpLFXirFlMSVN28iZYSuqP_3N8WzI3uup8oHJaJk1ZqbIbomEWz7G_EOTuLLicCCmXI0rtUBw&sai=AMfl-YTInowl9YmjzIrM5cgqcGg7pHCG3Bq20WeUiV8YetXJ3Hc_wewUDlhx1MC9FYkJmLnJB_hOpFq6u-St0dqC6pLZ5U-ComlTgVwGfmLHvSBiK7uihJMRgFwislFk&sig=Cg0ArKJSzOoPApCRcowREAE&cid=CAASUORoffP9vBesuRIHNpZDHKV63ZXQVMRkI8jfLemDR5_jA_hcEA1OZN8Gi5S561G8eIlXCnpgRtG4V5ce2gVUdKlw6CWOBcxKEAhyYZbimB0j&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D816%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 2048 42 B
64 B 40ms
30ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=14452966921672990510&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D816%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 2048 42 B
494 B 104ms
43ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D816%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2048 42 B
64 B 39ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHGKip484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBL0CT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS2AcoFQbHb_8sMnxcW8gVhdZxtDXKU7tU-ia0ug1Lv5_SNkpzM4I2T0KUpYbUWBjWVuYb845U7l7tXABNP73JX5A-AEAYgFxITEzjugBlSAB7zN8N8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwGwE7-2zw7YEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=BetdtRSBV4Q&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D817%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833&sdkv=h.3.505.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IpQFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26m...
ade.googlesyndication.com/ddm/activity_ext/ Frame 2048 42 B
107 B 105ms
45ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D817%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2048 0
20 B 55ms
46ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.505.0&e=44737473%2C44752995%2C44758374&id=ima_html5&c=2621104117004511&domain=portalsemakan.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2048 42 B
64 B 38ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHGKip484YpCqH5OPgAf1sYy4AfLZvoRopefct5sPsJAfEAEgkPuLfmCVAqABrLKPoAHIAQXgAgCoAwGYBACqBL0CT9CLX-mRV6Xu6x4kllY9WG4bx_71xlH-IT6QX5rn5FzHTPr3CGiswA7JO9VsXExYq0p-mbqVLmHqsVnC4pHeuS6YZXskihFHf0Z6uPzn6BU7hoquPhDQOR434xmL7jyq2lyeb9R0gxHWDtxqnVsVuvKlsEPCXKO-xOm5UtfYNWbPZ8O6fzF5BTM__QXLyjkR6Nkz-Bg6qQbEYlcgTRtFjr5-8ar8l0blF2E1p_1BQYKmYjDr29LLn3Ye4GDZx9EpV0UcE2YnVCjjj58qbznxPK3PyvdRYK6QjBH0NF0aBSEShJPA6D55Yd9hjFgbB8vyh5LpSCxekC43lvGbzU3AQXaoPS2AcoFQbHb_8sMnxcW8gVhdZxtDXKU7tU-ia0ug1Lv5_SNkpzM4I2T0KUpYbUWBjWVuYb845U7l7tXABNP73JX5A-AEAYgFxITEzjugBlSAB7zN8N8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwGwE7-2zw7YEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=BetdtRSBV4Q&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=admute&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D29%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D29%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D29%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D823%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833&sdkv=h.3.505.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQM4CUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IpQFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity_ext/ Frame 2048 42 B
107 B 103ms
44ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14452966921672990510;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D29%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D29%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D29%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D470%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D329780960%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D823%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647873959833?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 101ms
101ms Image
text/plain 52.86.87.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=7IL5W8MJ6utzuPBLvIzVcWKZZgop+ggYzW0wo3jOXeWuoukz6OL4wWpHrJtZqLHryvZ8kJvfzh87ClLYLA7Aj+nbc+VnZdvGDtkB76Bc6gniXroAb6SDjHJpequre4oPQW2PsNh240HPfYILn4Tkrab5A2LzZOb76m80UAGh5ezr3DjylRBPXnpheAtqavTfO3Mqngv4EBKp03L1JHb8yREejDOTITm39urvcrm2hBMjLeOomN3f5a9c2zUCpe2yUq92jd1uYKZFYzaTEtr+D9db7h1jP4F57fAeEpXAgvEuJj1gzMJntWEpdUiZ/i6Ymnrlw65HrOttjDJbyE7S+5obJwgM6lTgkc9KD3lWenk=&cb=48175800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.87.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-87-146.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:46:00 GMT
server: nginx/1.6.2

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 9080 23 KB
9 KB 11ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 12:20:27 GMT
expires: Sun, 19 Mar 2023 12:20:27 GMT
cache-control: public, max-age=31536000
age: 181533
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9080 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 11:18:50 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 2048 0
0 69ms
17ms Image
text/html 2a00:1450:4013:c1a::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44737473%2C44752995%2C44758374&el=adunit&cpn=Hal9Jg7omG8CB46M&docid=0otptarVVLI&ver=2&cmt=0.202&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fportalsemakan.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=99.0.4844.51&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c1a::65 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9080 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.505.0&bgai=BGXHbp484YpCqH5OPgAf1sYy4AQAAAAA4AboFEwjeh_XvuNf2AhXZZOAKHT3ABW0&bg=!KimlKW3NAAba2mK92to7ACkAdvg8WimbhJhs20Cyt0-GMhL3jaNrGcwa2LLV8P9P5Ob4mw0RONzEtgIAAAB8UgAAAAJoAQcKAOA_wr-y9ZX3O7Q2Jl6Cu2iFYBcIJTGhg_BiUeMbiCVDx4bjqhcLybQbK6yZvgU2Ewtv8j8shFPC94JHLAIzlgZG8xBdsnjOG8o8Nd7ol3oT690VzY-uzx9dXdvP5YJN7OXcpVprXe5Hu6p3mtSp4M-YtaBts4JNBJD-IxyO_j3uYrqwfEVlOJDOwRrT21nYZnB6Kj82GBFfqK9P1KaGGqsJjucoD-O9IpWV1QE0CM7Bd2EeGCgACsIgAmtrMwKJrI70l7KlYZ88coxMKsk3U0VoCiD2M5wj7ZQeVJLe5XyOl5kCjUXOEFsSn0Y59W-ZIiuNr_14hL_yFA-U1aw_47AkVyNSdbcY8PUJAJfEKEZlk68JbGMI5zX2S1FHLS7baInGVpPhAfsqYQsyhg8ex5fWgN-VWAsIPuvYFiGSTmh4lOAHls6u3QMmRXVBoFeV3oC_3Bbq4hJmsXGI2p92vXp5fBgmjsr9Sm3-mjgAcEf6htZB9MyFQn-cJrmgVU_MJRUUWZfLdslbjiQMKXGq58ieIuMk28FJd15L7yXfXWEJeDE_YFEkG2FoJDvDsFBdxiG7iL65ccRNLgp5r7sCRW5shvABCtWwGwMR42DnjupDGrN9NFH7erAXh6DKS_h9rT7BrNPmymmfCZ0NWln69_peiU7WWSYrNrhkFrmgxsjBh-OGrwaMUcCXTewUZt-T8kid1Zom05-BisEfkQ4NX4iK3-z1n2GR_AaY5RlsuAHNKalT749gyQW12liL70hsbukxmsGhHV3PbFW2joT26xjW8nDjJSyt5GQIShmRdwFkAghAuUUa1qL0IXUqbyJm8SSKK8TuUKpUPvgzW73u7Q6P0mVLxRL-R6mRhglnz9wpKkiOd6pAzH0831kAbKmDdiXc4NQxmvbw-LQ4I60-O1qc-qj0lrldoKS_3QuJIAQmZDvbGDpBEg2wClekHS3HokYvDAsLALkPxcItXCXw00JnQuRsgKG9QnQyj0X4zQPnXFfkdYX608kWgNg6PKN0JcdQulwZigF-1Tda_I0UgrXPJNztnQ7C-LRluOWwPFBtaOrHAWIxRw9FldaL3fYV3A7MshUOcILxo3HVMRHt3uHEYucXpwMrnxdoTwBx_4t5pgIrlpaKF1KPlt1clwM2mIi-kq5k3ACF0-342Q03oL8m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 2048 0
17 B 106ms
106ms Ping
image/gif 2607:f8b0:4002:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l10tlx1o&c=1952985218076&slotId=976492609038&qqid=CNCZ9--41_YCFZMH4Aod9RgDFw&gqid=p484Yp6YHdnJgQe9gJfoBg&fb=ima_html5-lima&sdkv=h.3.505.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.l10tlx1q~vss_tr.gn~ff.l10tlx7a~vss_pp.s3
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c00::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:46:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ixmatch.html
js-sec.indexww.com/um/ Frame DBF4 0
0

GET
H2 200 pd
u.openx.net/w/1.0/ Frame A1A2 0
0 20ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 21 Mar 2022 14:46:02 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame E74D 281 B
0 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Mar 2022 14:46:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame D491 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6869 0
0 11ms
11ms Document
text/html 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=44589
expires: Tue, 22 Mar 2022 03:09:11 GMT
date: Mon, 21 Mar 2022 14:46:02 GMT
vary: Accept-Encoding

GET usync.js
eus.rubiconproject.com/ Frame E74D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY

Domain: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalsemakan.com/permohonan-pelan-data-pelajar	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.portalsemakan.com/	1970-01-20 19:15:45	Name: _ga_9BPNW7KP57 Value: GS1.1.1647873954.1.0.1647873954.0
.mgid.com/	1970-01-20 01:44:35	Name: __cf_bm Value: FKjaGkqyYeBj41TUJO8y4FTQYYH29mqFwIFVjZJuM0w-1647873954-0-AV6qwqAY6A2H9sTKURYqbV5g+jSkyqYq3Y15Df8ZKUVvtKi/uuFTVW6oiuy+rDMcGeRShKir7KFEYqm55cm/560=
portalsemakan.com/	1970-01-20 02:27:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.portalsemakan.com/	1970-01-20 06:03:45	Name: _pubcid Value: b489e505-31f1-4979-acee-2a41bc0f0266
.portalsemakan.com/	1970-01-20 19:15:45	Name: _ga Value: GA1.2.883524188.1647873955
.portalsemakan.com/	1970-01-20 01:46:00	Name: _gid Value: GA1.2.1563570202.1647873955
.portalsemakan.com/	1970-01-20 01:44:34	Name: _gat_gtag_UA_55620648_23 Value: 1
.rubiconproject.com/	1970-01-20 10:30:09	Name: khaos Value: L10TLTKX-4-KD62
.rubiconproject.com/	1970-01-20 10:30:09	Name: audit Value: 1\|hLZGFuTafB3iQKCVOCxrGUHau3iET1N0BmQvWiFCZkIRhTFoERi5ffwf1tVSs+TLO+IVujGovE3jO6r86FejK+BxGCOXoSK1pN9XcvuOONvc6UO785F0Pw==
portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bidid Value: gDh1Pl9xdHQ1ZzQwWXpGeHpqT3N5JTJGNCUyRlU2SmhydE1PbXpod3MwTXlOWkNoc2FSUExPdmFnMlZwRG4yb1JYcXVNJTJGb3MweVpId2pXQ09mc09VTEVHd0pBQ1I2ZyUzRCUzRA
portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bundle Value: A0Wv8V9GRTZPS3dSazM2MVp1Um5YSk1qTzlOayUyQlhIM3VIUk1LVFZDVmNlTG9Yc2t1V3BlMm52UzRHNVUzbHVlRyUyRjl4TzRlSWt4SFJtbGllWEQ2VU9RZE9XOWNpcWMwMTVVYmthWjU4VTFBZ09DdDNZcnFGWmIlMkJ2OCUyRkM3N2lGeEtVOW1z
.doubleclick.net/	1970-01-20 01:44:37	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:06:09	Name: IDE Value: AHWqTUm32JE-X2yWG3JpDyUgqf5J0AHv3TgV0KLZqZns2jXtPXE6GSEPpQ4vlAz6RoU
.quantserve.com/	1970-01-20 03:54:09	Name: d Value: EGYBCQHbJYEA
.quantserve.com/	1970-01-20 11:14:48	Name: mc Value: 62388fa4-35545-528fd-0a81c
.agkn.com/	1970-01-20 10:30:09	Name: ab Value: 0001%3AymOoNKJbkwIHsVvkW2idC6Q7bl88Mb4%2B
.agkn.com/	1970-01-20 10:30:09	Name: u Value: C\|0CEApy0wkKctMJAAAAAAAAQ13AQCAAQpAAAAAAA
.rlcdn.com/	1970-01-20 10:30:09	Name: rlas3 Value: /1cJ2LuFssWLvZpCP+OPcfcmsiZPQJj5NRERpspjs/k=
.rlcdn.com/	1970-01-20 03:10:57	Name: pxrc Value: CKSf4pEGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 10:30:09	Name: CMID Value: YjiPpKbzrnyylwJA.qVrtgAA
.casalemedia.com/	1970-01-20 03:54:09	Name: CMPS Value: 5198
servicer.mgid.com/	1970-01-20 01:44:34	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m2lUBnTAgOJ7
.portalsemakan.com/	1970-01-20 11:06:09	Name: __gads Value: ID=ec35bbe01f3749a8:T=1647873955:S=ALNI_MbF1GXQnXNbkVUEstWbP76Zv5GEaw
.casalemedia.com/	1970-01-20 03:54:09	Name: CMPRO Value: 1148
portalsemakan.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1233814%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647873956457%7D%2C%22C1233564%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647873956479%7D%7D
.pubmatic.com/	1970-01-20 01:46:00	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 03:54:09	Name: KADUSERCOOKIE Value: 4FB33624-68BD-4FBC-8A75-DDD79FD0DDB1
.adsrvr.org/	1970-01-20 10:30:09	Name: TDID Value: cbef6d29-6e9d-4e9f-a43e-918ef1293ea6
portalsemakan.com/	1970-01-20 03:10:57	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%22cbef6d29-6e9d-4e9f-a43e-918ef1293ea6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-21T14%3A45%3A57%22%7D
.3lift.com/	1970-01-20 03:54:09	Name: tluid Value: 2699073908262097413943
.casalemedia.com/	1970-01-20 01:46:00	Name: CMST Value: YjiPpGI4j6UA
.criteo.com/	1970-01-20 11:06:09	Name: uid Value: 2fc0afd7-9d26-4871-b7dd-a4334e8ad76a
.1rx.io/	1970-01-20 10:30:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1d3345d5-6cc8-4dc2-ae48-e99b1a58c4fe-003%22%7D
.portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bundle Value: Wmb9Tl9GRTZPS3dSazM2MVp1Um5YSk1qTzlLZ2dtMWloczVUbTk3JTJGU1dncWhXdlpaZHViVkpVeiUyQmlwOWpUWWpTc2JPNEdGSGdkVjVDNGMlMkIlMkJKTUhJVVNWMkhtUnFEYWpsdCUyQlVqeDR4UThLb1RTdnU2MjFkYVBXMkg2dWNTNnV1RXpZaE1HZkJqcTgyeGpEJTJGclFuSjVmclhadWclM0QlM0Q
.targeting.unrulymedia.com/	1970-01-20 10:30:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1d3345d5-6cc8-4dc2-ae48-e99b1a58c4fe-003%22%7D
data.ad-score.com/	1970-01-21 21:33:55	Name: token Value: kGQtFOtAbrdKI-vn2f-KfUZWyRryTcCd
.advertising.com/	1970-01-20 10:31:36	Name: APID Value: UP9f551572-a925-11ec-b3dd-02c0672a7e68
.yahoo.com/	1970-01-20 10:30:31	Name: A3 Value: d=AQABBKePOGICEHF6_poLUY4u08uw5E87m08FEgEBAQHhOWJCYgAAAAAA_eMAAA&S=AQAAAt0xMsYutH2nVyD8XwDQkmY
.analytics.yahoo.com/	1970-01-20 10:30:09	Name: IDSYNC Value: 187s~23vq
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:16:27	Name: bcookie Value: "v=2&8c0c9bd1-be20-4f40-830a-73a5df563873"
.linkedin.com/	1970-01-20 18:59:09	Name: li_gc Value: MTswOzE2NDc4NzM5NTk7MjswMjED1kc+PVX3/g9pJ7BR0KosfaiXZSoiaFhx4Jsm6TtOBQ==
.linkedin.com/	1970-01-20 01:46:00	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2256:u=1:x=1:i=1647873959:t=1647960359:v=2:sig=AQGTscw04dzjVNlMKG3lLR-oMWYWaFWb"
.amazon-adsystem.com/	1970-01-21 21:49:50	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 06:23:55	Name: ad-id Value: A_Ka9WzI9kmela7CntfBcGI

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_push=AYg5qPLxaYnaKAGR7n_o9xBSrtmjXftSC5Uw1NECXZy71_YbFx1ggV68hnOWv3YWDBgTbjfqgPi88fzlMFQoHzE58yc4C7cvueuf&google_cver=1&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPpKbzrnyylwJA-qVrtgAABHwAAAAB&google_cver=1&google_push=AYg5qPKCfFOCQCJ8mpzqAapcXrmdLzXOmIQTRIgSeF0FamV9B9Y7WzL_FI8gf0VXuccLIzmjF-8wT8tjEBw02QYY6RlvvIibdRum&google_gid=CAESEFi_CaE8wn6V_KEHBWTSTqY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://z.moatads.com/openxdisplay970503469688/moatad.js(Line 133) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
adasia-d.openx.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
anymind360.com
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
bidder.criteo.com
c.mgid.com
cdn.jsdelivr.net
cdn.mgid.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
cnt.trvdp.com
csi.gstatic.com
d.agkn.com
data.ad-score.com
eb2.3lift.com
edb26b0c111596a622c0d91380dbb47b.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.moatads.com
go.trvdp.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
js-sec.indexww.com
jsc.mgid.com
match.adsrvr.org
mug.criteo.com
openxdisplay970503469688.s.moatpixel.com
p.trvdp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.wp.com
portalsemakan.com
prebid.ad.smaato.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r3---sn-4g5ednsz.c.2mdn.net
rr2---sn-4g5edndz.googlevideo.com
rtb.openx.net
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.trvdp.com
s.youtube.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
static.criteo.net
stats.wp.com
stg.truvidplayer.com
sync.1rx.io
sync.targeting.unrulymedia.com
telekom.com.my
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
ups.analytics.yahoo.com
vid.trvdp.com
video-native.mgid.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
acdn.adnxs.com
cm.g.doubleclick.net
eus.rubiconproject.com
js-sec.indexww.com
104.108.145.172
104.109.78.125
104.19.133.78
104.19.135.78
104.19.136.78
104.92.74.8
108.157.4.35
130.211.115.4
142.250.184.194
142.250.185.130
142.250.185.230
142.250.186.162
178.250.0.157
178.250.2.131
18.156.0.31
18.195.201.245
184.30.24.198
184.30.25.161
184.31.84.150
185.33.221.13
185.86.138.122
185.86.139.93
192.0.76.3
198.47.127.19
204.237.133.116
209.54.180.144
213.19.147.44
216.58.212.130
220.158.200.104
2600:9000:223d:fe00:7:254f:8240:93a1
2600:9000:223e:e200:1e:6a6f:9700:93a1
2600:9000:224a:8600:1b:5138:8a40:93a1
2600:9000:2251:3a00:d:3c0f:bcc0:93a1
2600:9000:2315:d000:3:7e1c:5b40:93a1
2602:803:c004:200::141
2606:4700:20::681a:bd1
2606:4700::6810:5914
2607:f8b0:4002:c00::5e
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:22::14
2a00:1450:4001:1a::7
2a00:1450:4001:6c::8
2a00:1450:4001:800::200a
2a00:1450:4001:801::2006
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4013:c1a::65
2a02:2638:1::3
2a02:2638::1c
2a03:90c0:41:2801::254
2a04:4e42:600::645
2a06:98c1:3120::7
3.120.46.173
34.98.64.218
35.186.253.211
35.244.174.68
37.157.4.41
37.157.6.236
52.223.40.198
52.48.241.99
52.86.87.146
52.94.223.37
54.171.76.225
69.173.144.139
69.173.144.165
69.173.151.100
74.125.133.154
76.223.111.18
02a67ce3ff1bfb5e1d9cfbaa5c42bca195082ae04229f6c43058cc3495564326
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
05fd58bc7fe4e046c8d8ccad8c11e91978605696d33bb1338965233e36c45bca
0766e37797ed71aa16735a33a049c8e38950de648892e3fa64cb38e65af64e8f
080d8bc28812d9e7aff55c468d183de77b357ee528a8794278268f9be0466b07
08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939
0922e73de7215b4f7d86657ea8d214da40c152a1dad266603f693ab16fbeb02c
0b6396ebdc207806fae75c3110b87a821b5e16f017203537fec43f9ae09e7a77
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d99e6eb375f128658fa11f9c5ab2249912eee97f0e79e7e34e4afce81ec736c
0e891d90fd990f2642959e9f11eb7f5158bb0d1403a50e3dd2c0d2a13732e02c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
0f0035633fc2dde81455df4113c626989d4d54e4183d2747f06a63b65e3dad84
12a4e29c96a1fdfda599991ceae53622141a8bb977b65998435cb017faaa6266
12b4b4e7e185dd82c01c946b699fec57ad102914547ad6d5bc01c33e6ae49d66
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
16dd323fc179f4da7111503bdc1a8e2a8b034540ad3e1cf0a040d4d0ce7d04e3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
1cd2e8c202319462af768d00c18138dadc2334c824a0b494b6acc3735a7955fd
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e811ad01cdb86c2e3371c21e43125f873f1e6668400fe6d40b5e34878f960b5
1f0091606be52c0b9d5bb1a0ce5cf44e1da993b5d3737ce74abec2763b564612
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fe9162057c0bb787bda01e2098226be4b37bd2da37b04cafe35867f46b6b8cc
202f0cba1f0b9349dcf368c51767ee39e9834fc529d9adb7b0bc1ee10be2ccf6
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
2386b29d423527b0f402a0c9246348c320d174d94a364339f81562c4e6dbda9a
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3463aecfd16d3464c8fba9c16df693086482649d04cdfd461b5a71fb0bdeef2e
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3bb7f6d5828c9b945349223d6b15b2c466fa2a63d9720c852be5258dd8c738d5
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d2c43c2a939d4de06afbd2df497a4c4619907d0540fda06ae17d802f24900b7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b
470a890b82200c4cfef6d1efbafeda1895e58fc4ce60c18fef4f54a0fb762af2
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49cac2480801cf1cdbaa80f25b9458e9d13d0b2c59e45b1e0beed77045f8f582
4a6b80072f512a36f8c52fe84bb0341e40a92894a135dabe99b0aeadd2f246a6
4c090138c104cc66f39ee1413bb6efb3c892ebc54fa6527e3be4566aac040aef
4c80c27456e44686b378b1024534b69cdff323748c808afb6ea4db2fe974890b
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fadc70587c09a1b36d035bf43b2bc0a22f306c07fc8d18043389504de3d35a1
5052494ff09c4b59c4dfcd8b00ae07c79c26b63b99fb1a1369e908e8880e05a1
5168404c37cfa1f6fe21ca1d6a93b63705c5657adc834d572b34ac14763098fc
5309c495fd3d3026ac1ab1ac50bc344001a3486a21c131b5fbad65749b3106de
540cb7660b4112dfe91b120ba26fe677a8eee365681f38f53d3ff8d50cbae296
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5965008f49fc5dacad0690c57debaae8e02ab950d984453ea752de4369c07f2f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6046941efa0656622a5f07faee34cc197eafa53b446e6114bdc7b3e9a1af7023
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6aaaf19d843c5492519bd4c991e9d13375cf302b1c92b6284bf9cccd3ca0a048
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
7081cfacbe89525348dad12703a69c9120032039b50d3779f60fb9946febef5c
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
754d79c32d86a3d7b2ad327189b991f978f9c1c6f41f9bbea98eaa750aee9c93
776d36593df37e388073219929376017b98cfd39d6859e4b84e0181ee733137e
7814d67b586ad36b03c6c24ee7b22e0f1da7f5baae961e0038f6271614487ae9
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ec47d49a348a700aeed78d11853ad71889dd49d919e7196549b9d3724a05d8
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
88565de02ec08387d021fe62a5dfc39584b560c34e89dff87b62b41a38ee6926
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972
8a249ef5d6ecd934e2b64f5883ee3eb3f07db0441011edaeeb01ee0048f84828
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb7754cff2ea5b30b613e4f37242efe19c0591961f66f6456e9d2d1f27168a4
8fbe33313bd0708170444d76e920e57146bfc95b2a3105cbedd920144bf0b01d
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
94defb89d7c79c0784c0573d5f5c5960b8871e57ad966c85a56f254f4ed89477
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9671e19e1185a1fe92677c4e2c749fa99870f0c2db0908ffdd5c8e6d827b21f4
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12a37513b1a7e415907551deecc000268672bac723bfea99cd7af6c742f5b36
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7
a5c874df6a77647778dadf697aa77de082fb37dfe6bd81fa305c7f4020b1d2ce
a632c807d5e557bf02018f90435ef910402699acd418dd853913f9979161f4db
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aad665636d201351d86d40dd0462fa9f663adccce5d3f5deb8dda782fbcdf34b
ab6dd3ce1c2ddd590db04549b0472eef0774692c1189a83d7b9705e02e3c6f53
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac1d1be7ef807b53486374b83f64d0c6d9336da12774390fe5f539cf98a25e62
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ae72a2bc3c1ab0291872b9998f163bc790d07c316e8b629e38a3f2f761e49f6c
afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8
b0e2d4bc90ab81c20517135a48aa2ed5d8169260123605fc85220524765a0ff6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0
b4d043db0acb5168a5cb53edf6cf2c86a7248a4754988b5e6077c8f116e59e83
b7a0c2e5d8ff23e06e29c60ba8473dc2a2e5b772220e8a6cf984d3ff4ebc9196
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19
b99a2b415f8d604d5fdde2e50a206ea49419124fa1ec008f84bcc070c993bfd0
bae37be456f6c4ce883098b5777f99d940beb781832c20fe1824b4ac6f6c854f
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bcb32a6c603aa6d6f6bf9b7d4f9a49348de6790eb7370556fd19c723bee5b768
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c00db72d96199bbc6b33990b391bf17fe2c9a85f5cc23fe98a21a275796f2ce5
c0424bf17c093260bb3019ccb6e24448532bcbf6b96aea97c039058af67bce54
c0e9e6bd77d4e918b61a958c0fafbc9fe9793f4a142f77fafb206835514db608
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5b2b6e46cb835975b0b93ce77220260fe33be687bf4b0a591e9ea67075d396f
c6ee554a0005533662357d171f607619ccaafa1f24ab629b539c7c6d6a63fb67
cb83589a57c5a3e8c5f21ea3754e2eb9515e8370e5c126078c3c50601161a7cf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d67ed55311ad9bea0dcc7f8474c61cae381ac9a5e8f0b7b0170b5b8129a2e1db
d9a0b0b1d0bc792d6e2532ebcf761a4b5d7cccc4358166a25527bce890792dd2
dad3f70d0cd67683406ae1321078f0e101a6c4718c5608e83d2e454ad2c7c29f
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
db7064d1e7bff25932d4f5fe029239fe46e1057de89139a5a48220a76cc4d3d4
dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3d3b69af70099e96d03640dc42a6940e419d81a29a9ca545330163e0bf08e0
e1b25adac4aee63a1b3a4677caa83858e025df42fd9caf0163781d35585e5343
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e52e2ca4270e3f093313f9eb0b90af8a72ff61350c783dadb41eefd018402f01
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ec30306c113e15d84c044b4c4f6b751be424968f89ad404d99ce4528227f83f4
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2071f7d1245831b348c4c552e7e61eee09e94d7f90ad2eeb54ef2c1b463783b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60d7bcc95b56519372589201bc6dbea3b108c1f20b474b8bcbc2a4fda5a7f1c
f823ef4f6c185d8b947f81f6908f0c8bb8758a96fb5417cc1cdef669fa7f2664
f88c354e9a9e14b8642be19f6f016658c812ffd019462cdde7d953ef294f06f8
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

portalsemakan.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

92 %HTTPS

44 %IPv6

47 Domains

92 Subdomains

71 IPs

10 Countries

3719 kBTransfer

9005 kBSize

47 Cookies

29 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalsemakan.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

92 %
HTTPS

44 %
IPv6

47
Domains

92
Subdomains

71
IPs

10
Countries

3719 kB
Transfer

9005 kB
Size

47
Cookies

283 HTTP transactions
7 data transactions